SEC-102
Application Security Training
Cost: $600
Duration: 3 Days
Skill Level: Beginner
Course Overview
This training program is designed to provide the participants with the knowledge and skills to write secure code, prevent common vulnerabilities, and apply best practices in secure software development. By the end of the workshop, participants will be able to identify security risks in code, mitigate potential threats, and implement secure coding standards to enhance the security of their applications.
Learning Outcomes
- Gain a comprehensive understanding of security risks and implement essential data protection measures.
- Develop secure applications by applying encryption, authentication, and best coding practices.
- Securely manage sensitive information within databases to prevent data breaches.
- Integrate secure messaging protocols and ensure safe communication across systems.
Suitable For
Employees and professionals who handle sensitive data, IT professionals, security personnel, managers, and anyone interested in learning about the application security component.
Course Outline
Fundamentals of Security Coding and Java Modules
- Introduction to Secure Coding
- Overview of Secure Coding Practices (SANS, OWASP)
- Understanding Common Vulnerabilities (e.g., SQL Injection, Cross-Site Scripting, Buffer Overflow)
- Secure Coding Standards (e.g., CERT, OWASP Top 10)
- Java Security Code (Theory)
- Java Security Features (Security Manager, Java Sandbox)
- Common Java Vulnerabilities
- Injections (SQL, LDAP)
- Path Traversal
- Best Practices for Secure Java Code
- Java Secure Coding (Hands-on Exercise)
- Sample Code: Create a secure login system with Java that prevents common attacks (SQL injection, XSS).
- Hands-on Exercise: Implement secure data storage using encryption in Java.
- Tools: Eclipse or IntelliJ, JUnit for testing.
Secure Coding in Web Development Modules (React Redux, Vue JS, Python)
- JavaScript Secure Coding (React Redux and Vue.js)
- Introduction to Secure Web Development
- Understanding Front-End Attacks (e.g., Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF))
- Implementing Security in React Redux and Vue JS
- Preventing XSS
- Secure Authentication and Session Management
- Python Secure Coding (Theory)
- Overview of Python’s Security Landscape
- Common Python Vulnerabilities
- Input Validation
- Command Injection
- Secure APIs in Python (e.g., Flask Security, Django Security)
- Hands-on Exercises: React Redux, Vue JS, Python
- React Redux: Secure form validation and preventing XSS attacks.
- Vue JS: Implement CSRF protection.
- Python: Create a simple web service using Flask with secure password hashing and input validation.
- Tools: VS Code or WebStorm, Flask/Django, npm, and Node.js
Secure Integration and Database Management Modules (Solace, RabbitMQ, Tibco, Oracle SQL, MySQL, Groovy, Microsoft PowerApps, Microsoft Dynamics 365)
- Secure Messaging and Integration
- Secure Messaging Protocols and Practices
- Vulnerabilities in Messaging Systems
- Implementing Secure Communication with Solace and RabbitMQ
- Securing Enterprise Service Bus (ESB) with Tibco
- Database Security
- SQL Injection Attacks
- Database Encryption and Secure Data Storage
- Role-based Access Control (RBAC)
- Hands-on Exercise: Database and Integration Security
- Solace: Secure a Solace messaging system to prevent data interception.
- RabbitMQ: Implement secure authentication and authorization in RabbitMQ.
- Oracle SQL/MySQL: Design secure database queries to prevent SQL Injection. Use encryption techniques for sensitive data storage.
- Groovy: Secure scripting with Groovy in a Java environment.
- Microsoft PowerApps and Dynamics 365: Secure data access and control user permissions within PowerApps and Dynamics.
- Tools: Oracle Database, MySQL Workbench, PowerApps, RabbitMQ Management Plugin, Tibco EMS.
HARDWARE AND SOFTWARE REQUIREMENTS
- Hardware
- Laptops/PCs (Minimum requirements):
- 8 GB RAM
- Quad-Core Processor (i5 or higher recommended)
- 500 GB SSD or HDD storage
- Internet Access (high-speed)
- Virtual Machines (Optional, depending on the environment setup)
- Software
- IDE & Code Editors:
- Java: Eclipse, IntelliJ
- JavaScript: VS Code, WebStorm
- Python: PyCharm, Jupyter Notebook (for testing purposes)
- Database Tools:
- Oracle SQL Developer, MySQL Workbench
- Messaging Tools:
- Solace PubSub+, RabbitMQ
- Tibco EMS
- Web Servers & Frameworks:
- Node.js, npm, Flask/Django (for Python)
- React Redux, Vue.js Libraries
- Collaboration Tools:
- GitHub, GitLab
- Additional Tools:
- VirtualBox (for VMs), Docker (if containerization is needed)
EXCLUSIVE TRAINING FOR YOUR COMPANY
AT YOUR PREFERRED SCHEDULE
Tailored to the needs of your organization, we also offer cadetship
programs which include a series of our standardized O&B Academy courses.