defdev courses
README
secdev courses
Java
JavaScript
Android
iOS
.NET
C/C++
Webapps in general
Testing courses
Mobile testing automation
Security test automation in CI/CD pipelines
Burp for developers
DevSecOps courses
Docker security
AWS security
Control courses
Assisted code-review lab
S-SDLC playbook
Library
Mobile security baseline
Hacking applications
Language specific
Java specific
.net/C# specific
JavaScript specific
C/C++ specific
Delivery
Main features
Agenda structure
Days and kits
Trainer formations
Course materials
Trainers
Glenn ten Cate
Marek Zachara
Péter Nyilasy
Riccardo ten Cate
Timur Khrotko
Zsombor Kovács
Powered by GitBook

Java specific

Courses using it

The language specific module

Secure coding in Java/JEE

Developed by Péter Nyilasy

  • Java security manager

  • Java language security (is Java a secure language?)

  • Java-specific issues

    • Numeric overflow, automatic conversions

    • Serialization, JPQL

  • SEI CERT Oracle Coding Standard for Java

  • Cryptography in Java

Prerequisites

We assume that the developers attending the Java secdev course:

  • are familiar with the Java language and with JEE

  • understand the HTTP protocol, HTML and Javascript

  • are familiar with basic security features of an enterprise application (authentication, authorization, the concept of a session)

  • have Java (JDK) and a suitable IDE installed on their laptop (labs desktop)

Library - Previous
Language specific
Next
.net/C# specific
Last updated 2 months ago
Edit on GitHub
Contents
Courses using it
The language specific module
Secure coding in Java/JEE
Prerequisites