Introduction
Learn how to build secure software in Java with this course. Gain insights into common programming errors in Java and learn how these errors can lead to exploitation. Master security issues that are relevant to the Java programming languages and associated libraries.
Furthermore, learn about common programming errors that lead to software vulnerabilities, how these errors can be exploited and how we can prevent the introduction of these errors.
Course Outline
- Introduction and Common Security Issues
- Why Software Security is important?
- Defects vs vulnerabilities
- Secure Software Development
- Common Vulnerabilities and Exposures (CVE)
- Language based security in Java and Secure Coding Rule
- Web Vulnerabilities
- Difference between C and Java
- Strong Type Checking and Language based security
- Secure Coding Standards
- Input validation and Injection vulnerabilities
- SQL Injection
- Command Injection
- XML Injection
- Object construction, mutation and deserialization
- Mutable object references
- Hard coding sensitive information
- Access modifiers for classes
- Secure serialization and deserialization
- Exceptions, concurrency and I/O
- Zip bomb
- File I/O
- Shared concurrency primitives
- Secure random numbers
- Using static analysis to find bugs
- Secure testing
- Static Analysis
- Using Findbugs to check security rules in Java
