Overview
The Java Developer learning path includes a variety of security courses that will vary depending on whether you are seeking core, advanced, or elite paths. It is designed to provide a working knowledge for developing solid and secure Java applications as well as recognizing and remediating common Java web software security vulnerabilities.
Course concepts covered:
- Java, JRE, and J2EE constructs
- Core implementation practices
- Best practices for designing, developing, and testing Java based solutions using common standards and frameworks
- AWA 101 – Fundamentals of Application Security
- AWA 102 – Secure Software Concepts
- COD 102 – The Role of Software Security
- COD 103 – Creating Software Security Requirements
- COD 104 – Designing Secure Software
- COD 105 – Secure Software Development
- COD 106 – The Importance of Software Integration and Testing
- COD 107 – Secure Software Deployment
- COD 108 – Software Operations and Maintenance
- DES 101 – Fundamentals of Secure Architecture
- COD 219 – Creating Secure Code: SAP ABAP Foundations
- COD 251 – Defending AJAX-Enabled Web Applications
- COD 256 – Creating Secure Code: Ruby on Rails Foundations
- COD 259 – Node.js Threats & Vulnerabilities
- COD 281 – Java Security Model
- COD 283 – Java Cryptography
- COD 284 – Secure Java Coding
- COD 287 – Java Application Server Hardening
- DES 204 – Role of Cryptography in Application Development
- DES 207 – Mitigating OWASP API Security Top 10
- DES 212 – Architecture Risk Analysis & Remediation
- DES 232 – Mitigating OWASP 2021 Injection
- DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures
- DES 234 – Mitigating OWASP 2021 Cryptographic Failures
- DES 235 – Mitigating OWASP 2021 Insecure Design
- DES 236 – Mitigating OWASP 2021 Broken Access Control
- DES 237 – Mitigating OWASP 2021 Security Misconfiguration
- DES 238 – Mitigating OWASP 2021 Server-Side Request Forgery (SSRF)
- DES 240 – Mitigating OWASP 2021 Vulnerable and Outdated Components
- DES 241 – Mitigating OWASP 2021 Security Logging and Monitoring Failures
- DES 281 – OWASP IoT1: Mitigating Weak, Guessable or Hardcoded Passwords
- DES 282 – OWASP IoT2: Mitigating Insecure Network Services
- DES 283 – OWASP IoT3: Mitigating Insecure Ecosystem Interfaces
- DES 284 – OWASP IoT4: Mitigating Lack of Secure Update Mechanism
- DES 285 – OWASP IoT5: Mitigating Use of Insecure or Outdated Components
- DES 286 – OWASP IoT6: Mitigating Insufficient Privacy Protection
- DES 287 – OWASP IoT7: Mitigating Insecure Data Transfer and Storage
- DES 288 – OWASP IoT8: Mitigating Lack of Device Management
- DES 289 – OWASP IoT9: Mitigating Insecure Default Settings
- DES 290 – OWASP IoT10 Mitigating Lack of Physical Hardening
- ENG 205 – Fundamentals of Threat Modeling
- ENG 211 – How to Create Application Security Design Requirements
- ENG 212 – Implementing Secure Software Operations
- LAB 228 – Defending Java Applications Against Weak AES ECB Mode Encryption
- LAB 229 – Defending Java Applications Against Weak PRNG
- LAB 230 – Defending Java Applications Against XSS
- LAB 234 – Defending Java Applications Against Parameter Tampering
- LAB 235 – Defending Java Applications Against Plaintext Password Storage
- LAB 236 – Defending Java Applications Against Sensitive Information in Error Messages
- LAB 237 – Defending Java Applications Against SQL Injection
- LAB 240 – Defending Java Applications Against eXternal XML Entity (XXE) Vulnerabilities
- LAB 244 – Defending Java Applications Against Security Misconfiguration
- LAB 263 – Defending Java Applications Against Sensitive Information in Log Files (NEW)
- LAB 267 – Defending Java Applications Against Deserialization of Untrusted Data (NEW)
- LAB 271 – Defending Java Applications Against SSRF (NEW)
- COD 352 – Creating Secure JavaScript and jQuery Code
- COD 361 – HTML5 Secure Threats
- COD 362 – HTML5 Built in Security Features
- COD 363 – Securing HTML5 Data
- COD 364 – Securing HTML5 Connectivity
- COD 380 – Preventing SQL Injection in Java
- COD 381 – Preventing Path Traversal Attacks in Java
- COD 382 – Protecting Data in Java
- COD 383 – Protecting Java Backend Services
- COD 384 – Protecting Java from Information Disclosure
- COD 385 – Preventing Race Conditions in Java Code
- COD 386 – Preventing Integer Overflows in Java Code
- DES 311 – Creating Secure Application Architecture
- DSO 307 – Secure Secrets Management
- ENG 312 – How to Perform a Security Code Review
- SDT 325 – Testing for NULL Pointer Dereference
Learning Path Details
Number of Courses: 71
Number of Labs: 14
Total Duration: 22 Hours
Total CPE Credits: 26