Secure coding and security testing in Java for DevSecOps (SCASTIJFDSO)

 

Course Overview

The course provides an in-depth exploration of security concerns and best practices tailored specifically for DevOps engineers working on Java software on the AWS cloud platform. Starting off from the foundations of cybersecurity, you will understand the consequences of insecure code by examining threats through the lens of the CIA triad.

In the main part of the material, you will go through the various security issues outlined in the OWASP Top Ten with a focus on DevSecOps issues – identity management in microservice and cloud environments, secure AWS configuration, securing CI / CD build processes, secrets management, and logging and monitoring. Finally, you’ll explore cloud security with a focus on security automation and tooling in AWS, the security of containers and container orchestration (Docker, Kubernetes), microservices, and Infrastructure as Code tools (CloudFormation, Terraform), and security testing tools relevant for DevSecOps.

These modules go beyond just theory. Not only do they show vulnerabilities, their consequences, and corresponding best practices, but – through hands-on labs and real-world case studies – they offer practical experience in identifying, exploiting, and mitigating these security risks.

So that you are prepared for the forces of the dark side.

So that nothing unexpected happens.

Nothing.

Who should attend

Java architects, developers and testers

Prerequisites

DevSecOps, General Java and Web development, testing and QA

Course Objectives

  • Getting familiar with essential cyber security concepts
  • Understanding Web application security issues
  • Detailed analysis of the OWASP Top Ten elements
  • Putting Web application security in the context of Java
  • Going beyond the low hanging fruits
  • Managing vulnerabilities in third party components
  • Learn to deal with cloud infrastructure security
  • Understand cloud security specialties
  • Understanding security testing methodology and approaches
  • Getting familiar with security testing techniques and tools

Course Content

  • Cyber security basics
  • The OWASP Top Ten 2021
  • Cloud security
  • Security testing
  • Wrap up

Prices & Delivery methods

Online Training
Modality: L

Duration 3 days

Price
  • on request
Dates and Booking
Request a date
Classroom Training
Modality: C

Duration 3 days

Price
  • Eastern Europe: 2,250.— €
Dates and Booking
Request a date

Currently there are no training dates scheduled for this course.