EC-Council Certified Secure Programmer

The ECSP Java program is a comprehensive course that provides hands-on training covering Java security
features, policies, strengths, and weaknesses. It helps developers understand how to write secure and
robust Java applications, and provides advanced knowledge in various aspects of secure Java development
that can effectively prevent hostile and buggy code.

Key Outcomes
• Introduces Java security architecture and
common security threats
• Secure software development lifecycle
• Common threats and mitigation approaches
• Detailed coverage of input validation, output
encoding, authentication and authorization,
and other secure coding practices
• Thorough understanding of Sandbox, JVM,
Bytecode Verifier, Security Manager, and JSF
(Java Security Framework)

Course Outline

Course Outline

• Java security principles and secure coding
practices Java Security Platform, Sandbox,
JVM, Class loading, Bytecode verifier, Security
Manager, security policies, and Java Security
• Secure SDLC, threat modelling, software
security frameworks, and secure software
• Best practices and standards and guidelines for
secure file input/output and serialization
• Java input validation techniques, validation
errors, and best practices
• Java exceptions, erroneous behaviors, and the
best practices to handle or avoid them
• Secure authentication and authorization
• Java Authentication and Authorization
Service (JAAS), its architecture, Pluggable
Authentication Module (PAM) Framework,
and access permissions through Java Security
• Secure Java concurrency and session
• Core security coding practices of Java
Cryptography that includes Encryption, Key
Generator and implementation of Cipher Class,
• Digital signatures, secret keys, and key
• Various Java application vulnerabilities

Training Schedule

EC-Council Certified Secure Programmer
2021 - 2022
Training schedule not found.