Professional Documents
Culture Documents
Course Introduction
Today's Internet Enabled Application developer must be able to efficiently understand the concept of secure coding technics to develop a secure application. In order to provide a total secure solutions from operating system level to application level. This course provides all those necessary skills for programming developer to understand how to apply knowledge, techniques and tools in develop much more secure JAVA (J2EE) Application in Real world.
Course Objectives
Graduates of this program will have the knowledge and skills needed to meet the real-world challenges faced by Application Software developer. They can prevent suspicious activities that might compromise the system and application. A secure coding can provide an advance security on systems.
Learning Level
Advance
Course Duration
5 Days (30 Hours)
Prerequisites
JAVA (J2EE) framework knowledge.
Target Group
Web application developer Software Quality Assuror IT Manager
Course Outline
Day 1 Web Application Security Terminology o o o o Vulnerabilities Exploit Attack Countermeasure
P R OG R A M O R G A NI Z E D B Y :
Mr.TanapatChaipimol Tel:(66) 2-650-5771 ext. 105 Fax: (66) 2-650 5597 E-mail: tanapat.ch@acisonline.net acis-training@acisonline.net
Ms.Athitiya Weerayasobprasong Tel:(66) 2-650-5771 ext. 104 Fax: (66) 2-650 5596 E-mail: athitiya.w@acisonline.net www.acisonline.net
Introduction to Open Web Application Security Project (OWASP) o Informative Resources Top Vulnerability list Security Knowledge Base o Security Learning & Assessment Tools
Day 2 Workshop - How to apply OWASP's techniques and tools with J2EE Web Application o o o o o Day 3 Workshop - How to apply OWASP's techniques and tools with J2EE Web Application o o o o Day 4 Workshop - How to apply OWASP's techniques and tools with J2EE Web Application o o o Preventing Cross-Site Request Forgery Preventing Persistent (Stored) Cross-Site Scripting Preventing Reflected Cross-Site Scripting Preventing Command Injection Preventing SQL Injection Preventing Numeric Injection Preventing Path Injection Serious Attacks Introduction to Webgoat and Hacking Tools Introduction to Apaches Element Construction Set (ECS) Java API Proper Exception Handling Preventing Client-state Manipulation
Mr.TanapatChaipimol Tel:(66) 2-650-5771 ext. 105 Fax: (66) 2-650 5597 E-mail: tanapat.ch@acisonline.net acis-training@acisonline.net
Ms.Athitiya Weerayasobprasong Tel:(66) 2-650-5771 ext. 104 Fax: (66) 2-650 5596 E-mail: athitiya.w@acisonline.net www.acisonline.net