EC-Council Certified Secure Programmer (JAVA) (ECSP-Java) is comprehensive course that provides hands-on training covering Java security features, policies, strengths, and weaknesses. It helps developers understand how to write secure and robust Java applications and provides advanced knowledge in various aspects of secure Java development that can effectively prevent hostile and buggy code. The end result of security Java coding practices include saving valuable effort, money, time, and possibly the reputation of organizations using Java coded applications. The ECSP - JAVA certification will lead you to the Licensed Penetration Tester certification.
EC-Council is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs, that are offered in over 60 countries through a training network of more than 450 training partners globally.
ActiveLearning is an Authorized Training Partner of EC-Council in the Philippines.
You Will Learn How To
Java security principles and secure coding practices Java Security Platform, Sandbox, JVM, Class loading, Bytecode verifier, Security Manager, security policies, and Java Security Framework
Secure Software Development Lifecycle, threat modelling, software security frameworks, and secure software architectures
Best practices and standards and guidelines for secure file input/output and serialization
Java input validation techniques, validation errors, and best practices
Java exceptions, erroneous behaviors, and the best practices to handle or avoid them
Secure authentication and authorization processes
Java Authentication and Authorization Service (JAAS), its architecture, Pluggable Authentication Module (PAM) Framework, and access permissions through Java Security Model
Secure Java concurrency and session management that includes Java Memory Model, Java Thread Implementation methods, secure coding practices, and guidelines for handling threads, race conditions, and deadlocks
Core security coding practices of Java Cryptography that includes Encryption, KeyGenerator, implementation of Cipher Class,
Digital Signatures, Secret Keys, and key management
Various Java application vulnerabilities such as Cross-Site Scripting (XSS), Cross Site Request Forgery (CSRF), Directory Traversal vulnerability, HTTP Response Splitting attack, Parameter Manipulation, Injection Attacks and their countermeasures
Coding testing and review techniques and practices
Who Should Attend
This ECSP-Java course will significantly benefit the following: