1-CASE Java-Slide

The document outlines a course on Java application security. It discusses security topics like input validation, authentication, authorization, and cryptography. It emphasizes OWASP top 10 vulnerabilities and security testing. The course is 40 hours and provides certification. Resources include OWASP, tools like Burp Suite and SonarQube, and an instructor with security engineering experience and certifications.

Uploaded by

thangphamai
Copyright: © All Rights Reserved

CASE Java

Phạm Đình Thắng


MSc. Bordeaux 1

Security Profile

• Input Validation
• Authentication
• Authorization
• Configuration Management
• Sensitive Data
• Session Management
• Cryptography
• Parameter Manipulation
• Exception Management
• Auditing and Logging

Exploiting - Security Vulnerabilities
• Attack phases
  – Demo
  – Practices
• Patching phases
• Exercises
• Open Discussion

Emphasis
• OWASP Top 10 2021
  – Input Validation / Output Encoding
  – Broken Access Control
  – Injection
    • SQL injection
    • XSS
    • XXE
    • Command injection
    • Server-side template injection
  – Request Forgeries
    • Cross-Site Request Forgeries
    • Server-Side Request Forgery
  – Authentication Weakness
  – Authorization
  – JWT
  – Vulnerable Components
• Security Testing: Code Analysis

Courseware

Resources
• OWASP
• Maven
• WebGoat
• ESAPI Swingset Interactive
• PortSwigger

Tools
• Apache NetBeans IDE
• Burp Suite
• ZAP
• CyberChef
• Postman
• Checkmarx
• Dependency-check
• SonarQube
• …

About the Course

• Duration: 40 hours
• Certification: Certified Application Security Engineer (Java) ECC

Instructor
Phạm Đình Thắng

▪ MSc. Bordeaux 1 University, France, Software Technology.


▪ EC-Council Instructor
▪ EC-Council Instructor Best Newcomer Award 2021
▪ Python, PHP, CompTIA Sec+, ECSA, CEH, CHFI, CASE Java, CPENT, Pentest LPT, Reverse Engineering, Malware Analysis

Contact : 0902869983 - [email protected]
