Java

Basic secure development tasks, proper implementation, and additional topics such as proper data handling, CSP, security headers, and secure secrets management will actively enhance your learning experience.

40 modules | 9 hrs 22 min | 33 Experiments | Green Belt Level

Example Java Concepts

  • Examine JavaServer™ Faces (JSF) as a standard component-oriented UI framework
  • Secure SQL, SQL Injection
  • Examine the insecure use of XML
  • Various ways of serializing and deserializing data in Java
  • Token authentication
  • HTTPS protocol and TLS
  • Prevent content injection attacks
  • Resource exhaustion and DoS

What's Included?

We created this Green Belt path for developers coding in Java. It includes our 13 standard Green Belt Secure Development lessons plus 27 Java lessons. Each lesson is short and concludes with a brief ten-question assessment. The module length is purposeful: the modules are perfect for filling gaps in a developer's day while code is deploying.

Secure Development Core Lesson Modules
Intro to Secure Development
Intro to Secure Coding
Secure Coding Best Practices: Part 1
Secure Coding Best Practices: Part 2
Language Typing
Securing the Development Environment
Protecting your Code Repository
Producing a Clean, Maintainable, & Secure Code Culture
Secure the Release
Designing a Secure App or Product
Thinking Like A Penetration Tester
Secure Design Principles in Action: Part 1
Secure Design Principles in Action: Part 2
Java Green Belt Path
Syntactic & Semantic Input Validation
Input Validation with Range Checks, Regex, & Enums
Web Input Validation: Bean Validation API and Spring
Web Input Validation: JSF
Parameterization with SQL
Securely Working with SQL
Securely Working with XML
Avoiding Insecure Serialization & Deserialization
Encode Output
Authentication: Basic and Kerberos
Authentication: Forms
Authentication: Token
Authentication: JWT
Authentication: External authentication
CSRF & Open Redirects
Authorization: Simple, Role-Based, & View-Based
Sessions and Cookies
Logging
Error Handling and Exceptions
HTTPS and TLS
Content Security Policy
Security Headers
Application Secrets Storage
Hashing Passwords
File Uploads
Thread Safety
Insecure Coding with Java