Secure Coding And Design Best Practices In Java

Secure Coding in Java with Design Principles and practice - Quick Start Course

What you'll learn

Secure Coding Principles

Secure Coding in Java with some examples

Manage security in Code

Secure coding in Java with examples

Requirements

Java Beginners level is required

Description

Secure Coding and Design Practice in Java–––––––––––––––––––––––Secure coding is a way of writing computer programs that makes them less vulnerable to security threats like hacking and viruses or data leaks.When we write software, we want to make sure it is built in a way that keeps it safe from the attackers who might want to break in and do real bad things, like steal information or cause damage to the application or data.One of the rough truth is that new vulnerabilities are constantly being discovered, which can compromise the security of software systems. This means that even if a software application was secure at one point in time, it may become vulnerable to attack as new weaknesses are identified and exploited by attackers.What is the way to achieve this?The answer is we have to follow certain guidelines and best practices at every stage of development that help us identify and address potential security risks. By doing this, we can better protect sensitive data and prevent unauthorised access or manipulation of the software by attackers.Also, focussing on applications security and updating the application time to time as per the updating security standards.It's essential to prioritise secure coding practices because most businesses today rely on software to run their operations. Software can either be custom-made specifically for the business or purchased from other companies. Building software can be a time-consuming and costly process, but unfortunately, the security of the software often doesn't receive enough attentionIt is not part of day to day programming by developers. There are a few challenges that architects and developers face to achieve code security:Lack of knowledge:Many new developers may not have a comprehensive understanding of secure coding practices and may not be aware of the potential vulnerabilities in their code.Limited resources:Small teams or individual developers may not have the resources to implement complex security measures or to conduct thorough testing of their code.Time constraints: Developers may be under pressure to deliver code quickly, which can lead to shortcuts being taken and security being overlooked.Evolving threats:The security landscape is constantly changing, and new threats can emerge quickly. Developers need to stay up-to-date with the latest threats and vulnerabilities to ensure that their code remains secure.Compatibility issues:Secure coding can sometimes conflict with other requirements, such as compatibility with legacy systems or third-party software, which can make it difficult to implement.These are the challenges faced during the development. The best solution to this is to know the security practices prior to start a new development so that they can be taken in consideration from the very start.This means making sure that all developers understand the basics of secure coding practices and that security is considered throughout the development process Developers should educate themselves on secure coding practices and keep themselves updated with new security vulnerabilities and their solutions.TOC :1. OnBoarding2. Introduction of Secure Coding3. Secure Design4. Understanding the RISKS5. Security Management6. Summary7.  Appendix

Overview

Section 1: Course Introduction

Lecture 1 Introduction to the Course

Section 2: On Boarding

Lecture 2 Introduction to Secure Coding

Lecture 3 Scope

Lecture 4 Who Should Buy

Lecture 5 Resources

Section 3: Secure Design

Lecture 6 What Are Secure Design Principles

Lecture 7 Economy of mechanism

Lecture 8 Fail Safe Defaults

Lecture 9 Complete Mediation

Lecture 10 Open Design

Lecture 11 Least Privilege

Lecture 12 Psychological Acceptability

Lecture 13 Separation of Privilege

Lecture 14 Least Common Mechanism

Lecture 15 Work Factor

Lecture 16 Compromise Recording

Lecture 17 Wrok Factor

Section 4: Secure Coding Practices

Lecture 18 Introduction

Lecture 19 Strong Authentication

Lecture 20 Strong Authentication Demo

Lecture 21 Strong Authentication Measures

Lecture 22 Access Control

Lecture 23 Demo : Importance of Secured Access Control

Lecture 24 Secure Configuration

Lecture 25 Demo Secure Configuration - Java

Lecture 26 Sensitive Data Protection

Lecture 27 Demo Sensitive Data Protection

Lecture 28 Relying on Trusted Components

Lecture 29 Relying on Trusted Components Demo Java

Lecture 30 Serialization and Deserialization

Lecture 31 Serialization and Deserialization Demo - Java

Lecture 32 Precise Logging And Monitoring

Lecture 33 Precise Logging And Monitoring Demo - Java

Lecture 34 Server Side Request Validations

Lecture 35 Injection And inclusion

Lecture 36 Demo : Injection

Lecture 37 Other Things to be careful About

Lecture 38 Summary

Section 5: Understanding Risks - OWASP-TOP-10

Lecture 39 OWASP 10

Lecture 40 OWASP Link

Lecture 41 OWASP 10 - Demo

Section 6: Security Management

Lecture 42 Setting up Product Development Model and Lifecycle

Lecture 43 Analysis of written code

Lecture 44 Analysis of written code : Helper Tools

Lecture 45 Corrections in Code or design

Lecture 46 Timely vulnerability checkups and Security Trainings

Lecture 47 OWASP Dependency Check

Lecture 48 Summary

Section 7: Course Summary and Thank you

Lecture 49 Course Summary and Thank you

Java Programmers who want to learn secure coding