Fundamentals of Secure Programming in Java

Learn how to develop secure Java applications

Get in touch

Application security is fundamental to the development of mission critical Enterprise Applications. The rise of cloud computing, microservices and ever increasing business requirements mean that security is an absolutely essential skill for developers to have.

In this one-day course, you’ll learn the fundamental building blocks of how to develop a secure Java software stack. You will cover the top 10 most common vulnerabilities in detail and how you can prevent yourself from being attacked. You also get to practice putting these skills into practice by breaking into a web application and improving the code to make it secure. The course also covers common tools and frameworks that help us better address security problems. Finally, you will understand how to put these different skills together as part of your software development process.

Duration: One day

Course Outline

Introduction to Security

  • Why is security important?
  • A Layered Approach to avoiding the Eggshell Problem

The OWASP Top 10 Vulnerabilities

  • SQL and other Injection Flaws
  • Broken Authentication and Session Management
  • Cross Site Scripting (XSS)
  • Insecure Direct Object References
  • Security Misconfiguration
  • Sensitive Data Exposure
  • Missing Function Level Access Control
  • Cross-Site Request Forgery (CSRF)
  • Components with Known Vulnerabilities
  • Unvalidated Requests and Forwards
  • Practical exercises

Frameworks & Tooling

  • Application Frameworks: Spring Security and Play
  • Infrastructure Tools: Web Application Firewalls and IP Tables

Applying Security Principles

  • Continuous Security as part of your development process
  • Threat Modelling and Exercise
  • Course Summary

Schedule this course

Let us know your requirements and we will craft a tailored proposal for your team.

Drop us a line with a phone number to call back at

You can also give us a call directly on +44 7931 144 219