Secure Developer Java (Inc OWASP) Training Course

This instructor-led live training in India (online or on-site) is aimed at web developers who wish to use Angular and Spring Boot to build full-stack applications.

By the end of this training, participants will be able to:

• Develop a full-stack application with Angular and Spring Boot.
• Build a backend application with Spring Boot.
• Create frontend applications with Angular.
• Use Spring Security to configure authentication for a full-stack application.

This course addresses the essential secure coding practices pertinent to a broad spectrum of web application developers. Participants will learn the principles of secure programming by examining specific code snippets, identifying security vulnerabilities, and implementing effective remediation strategies.

Throughout this training, you will observe demonstrations of real-world attack scenarios and learn how to counter them, thereby building confidence in enhancing the security posture of your applications.

Duration: 3 days
Target Audience: Developers seeking to deepen their expertise in secure coding.

Learning Outcomes
• Upon completion, participants will gain knowledge in:
• Web Application Security.
• Common Web Application Risks.
• Penetration Testing on Demo Web Applications.
• Data Validation.
• Authentication.
• Session Management.
• Secure SDLC.

Building secure networked applications can be challenging, even for developers who have previously worked with cryptographic building blocks like encryption and digital signatures. To help participants grasp the role and application of these cryptographic primitives, this course first establishes a strong foundation on the core requirements of secure communication—such as secure acknowledgement, integrity, confidentiality, remote identification, and anonymity. It also highlights common issues that can compromise these requirements and presents practical real-world solutions.

Since cryptography is a critical component of network security, the course covers essential cryptographic algorithms, including symmetric cryptography, hashing, asymmetric cryptography, and key agreement protocols. Rather than focusing on complex mathematical theories, these concepts are explored from a developer's perspective, featuring typical use-case examples and practical considerations related to cryptographic implementation, such as Public Key Infrastructures (PKI). The course also introduces security protocols used in various areas of secure communication, providing an in-depth look at widely adopted protocol families like IPSEC and SSL/TLS.

Common cryptographic vulnerabilities are discussed, covering both specific algorithms and protocols. This includes attacks such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding Oracle, Lucky Thirteen, POODLE, and RSA timing attacks. For each vulnerability, the practical implications and potential consequences are explained, avoiding deep mathematical details to maintain focus on practical understanding.

Finally, given that XML technology is central to data exchange in networked applications, the course addresses XML security. This includes the use of XML within web services and SOAP messages, along with protective measures like XML Signature and XML Encryption. Additionally, it covers weaknesses in these protection mechanisms and XML-specific security issues, such as XML injection, XML External Entity (XXE) attacks, XML bombs, and XPath injection.

Participants attending this course will

• Gain an understanding of fundamental security concepts, IT security, and secure coding practices
• Comprehend the requirements for secure communication
• Learn about network attacks and defenses across different OSI layers
• Develop a practical understanding of cryptography
• Understand essential security protocols
• Recognize recent attacks targeting cryptosystems
• Gain insights into recent related vulnerabilities
• Understand security concepts within Web services
• Access resources and further readings on secure coding practices

Audience

Developers, Professionals

Apache Groovy is a dynamic programming language for the Java Virtual Machine (JVM). Its key features encompass scripting capabilities, Domain-Specific Language (DSL) authoring, runtime and compile-time meta-programming, and functional programming. Groovy is frequently employed as a complement to Java.

In this instructor-led live training, participants will learn how to program in Groovy by stepping through the creation of a sample application.

Audience

• Developers

Course Format

• A blend of lectures, discussions, exercises, and extensive hands-on practice

This instructor-led, live training in India (available online or onsite) is designed for beginner-level developers who wish to learn the fundamentals of Groovy Programming.

Upon completion of this training, participants will be able to:

• Comprehend fundamental programming concepts.
• Compose simple Groovy scripts and leverage core Groovy features.
• Grasp and apply foundational principles of object-oriented programming using Groovy.
• Master basic error-handling techniques to address common programming errors and exceptions in Groovy.

This instructor-led, live training in India (online or onsite) is designed for intermediate-level Java developers who aim to design, develop, deploy, and maintain microservices-based applications using Java frameworks like Spring Boot and Spring Cloud.

By the end of this training, participants will be able to:

• Grasp the core principles and advantages of microservices architecture.
• Construct and deploy microservices using Java and Spring Boot.
• Implement service discovery, configuration management, and API gateways.
• Effectively secure, monitor, and scale microservices.
• Deploy microservices leveraging Docker and Kubernetes.

This instructor-led, live training in India (available online or onsite) is designed for intermediate to advanced developers aiming to master the development of microservices using Spring Boot, Docker, and Kubernetes.

By the end of this training, participants will be able to:

• Grasp the fundamental principles of microservices architecture.
• Develop production-ready microservices using Spring Boot.
• Appreciate the pivotal role of Docker in containerizing microservices.
• Set up Kubernetes clusters for the deployment and orchestration of microservices.

This instructor-led, live training in India (online or onsite) is aimed at developers who wish to use Quarkus to build, test, and deploy applications, fully-powered with Java, but with less resource utilization.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start developing applications with Quarkus.
• Build, compile, and run applications in native mode using GraalVM.
• Utilize Quarkus tooling and extensions for building native applications using Maven.
• Containerize, execute, and deploy applications with Docker.

This instructor-led, live training in India (online or onsite) is aimed at intermediate-level to advanced-level developers and architects who wish to develop Java native applications and microservices using Quarkus with optimized memory usage and startup time.

By the end of this training, participants will be able to:

• Develop high-performance, lightweight Java native applications using Quarkus.
• Build and deploy RESTful services and microservices architectures.
• Use GraalVM for native compilation and optimize startup and memory efficiency.
• Package and containerize applications for Kubernetes and OpenShift environments.

This instructor-led live training India (online or onsite) is targeted at software architects and web developers who wish to use RabbitMQ as messaging middleware and program in Java using Spring to build applications.

By the end of this training, participants will be able to:

• Use Java and Spring with RabbitMQ to build applications.
• Design asynchronous message driven systems using RabbitMQ.
• Create and apply queues, topics, exchanges, and bindings in RabbitMQ

This instructor-led, live training in India (online or onsite) is aimed at web developers who wish to build functional front-end and back-end web applications with Spring Boot, React, and Redux.

By the end of this training, participants will be able to:

• Build a front-end application with React and Redux.
• Create RESTful APIs with Spring Boot.
• Secure web services with Spring security and JWT web tokens.

This instructor-led, live training in India (available online or on-site) is designed for Java developers who wish to use the Spring 5 framework to develop and deploy enterprise web applications.

By the end of this training, participants will be able to:

• Install and configure Spring 5.
• Understand and implement Spring 5's latest features.
• Access databases with Spring Application.
• Use the new reactive web framework, WebFlow, to make an application reactive.
• Integrate a Spring application with legacy Java EE applications.
• Test and deploy an enterprise-grade Spring application.

Spring is a robust Java framework that streamlines enterprise application development by offering potent dependency injection, a modular architecture, and simplified configuration options.

This instructor-led live training (available online or on-site) is designed for beginner-level Java developers eager to construct modern, production-ready web applications leveraging the latest Spring Framework and Spring Boot 3.5.5 alongside Java 21.

Upon completing this training, participants will be capable of:

• Grasping Spring’s core principles, including IoC, DI, and AOP.
• Configuring Spring applications through XML, annotations, and JavaConfig.
• Building RESTful services using Spring Boot and JPA.
• Implementing CRUD operations, managing transactions, and overseeing data persistence.
• Utilizing advanced Spring features like profiles, exception handling, and data serialization.

Course Format

• A concise theoretical overview followed by extensive practical exercises.
• Practical implementation using real-world scenarios.
• Interactive discussions and guided troubleshooting sessions.

Course Customization Options

• For a customized training session, please reach out to us to make arrangements.

Spring WebFlux is a reactive programming module within the Spring Framework designed for building non-blocking, event-driven web applications.

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level Java developers who wish to build scalable and responsive applications using Spring WebFlux.

By the end of this training, participants will be able to:

• Grasp the core concepts of reactive programming with Project Reactor.
• Develop and test non-blocking RESTful APIs using Spring WebFlux.
• Integrate WebFlux with databases and external services.
• Apply reactive patterns to real-world application scenarios.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in India (online or onsite) is aimed at developers who wish to use WebFlux to develop and deploy reactive applications.

By the end of this training, participants will be able to:

• Install and configure Spring 5 and the WebFlux framework.
• Develop reactive application and services.