2 Day Training: Tuesday (10/23) and Wednesday (10/24)
The students of this course are usually intermediate to senior Java web developers who excels at writing Java code but worry about data breaches and online threats. This fast paced all hands-on course will teach you how to write secure J2EE code and stay one step ahead of attackers. Students will learn how to design and architect secure J2EE application. The course will quickly delve into implementation security flaws and some of the best ways to fix them via a series of labs designed around security flaws in a real-life J2EE web application.
Finally, students will get an introduction to security code review and how they can use open source tools to uncover critical vulnerabilies.
By the end of this course, students will be able to design and architect J2EE web applications with security built-in. In addition, they will learn practical skills on how to uncover and fix critical vulnerabilities in existing J2EE web applications.
Sherif Koussa is the lead developer on WebGoat5.0 and lead instructor at Secure Code Gurus (www.securecodegurus.com). Sherif came to security from a software development, architecture and leadership background.
Working as a Senior Security Information Security for Wells Fargo and Wachovia marked the shift in Sherif’s career to software security in general and secure code review in particular.
Afterwards, Sherif founded Software Secured (www.softwaresecured.com) to help software companies design, develop and deploy secure code. Sherif is currently leading the Static Code Analysis Evaluation Criteria (SATEC) project with the Web Application Security Consortium (WASC). He is also a steering committee member for SANS GSSP-Java and GSSP-NET, a GIAC exam consultant, founder and leader of OWASP Ottawa Chapter.