Secure Developer Java (Inc OWASP) Training Course

This instructor-led live training in Norway (online or onsite) is aimed at web developers who wish to use Angular and Spring Boot to build full stack applications.

By the end of this training, participants will be able to:

• Develop a full stack application with Angular and Spring Boot.
• Build a backend application with Spring Boot.
• Create frontend applications with Angular.
• Use Spring Security to configure authentication for a full stack application.

Implementing a secure networked application can be challenging, even for developers who have previously utilized various cryptographic building blocks (such as encryption and digital signatures). To help participants grasp the role and application of these cryptographic primitives, a solid foundation is first laid regarding the core requirements of secure communication: secure acknowledgment, integrity, confidentiality, remote identification, and anonymity. This includes presenting typical problems that can undermine these requirements alongside real-world solutions.

Given that cryptography is a critical aspect of network security, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement are also discussed. Rather than presenting an in-depth mathematical background, these elements are explored from a developer's perspective, illustrating typical use-case examples and practical considerations related to cryptography, such as public key infrastructures. Security protocols in various areas of secure communication are introduced, with an in-depth discussion on the most widely-used protocol families, such as IPSEC and SSL/TLS.

Typical cryptographic vulnerabilities are discussed, both in relation to certain crypto algorithms and cryptographic protocols (e.g., BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE, and similar), as well as the RSA timing attack. In each case, the practical considerations and potential consequences of each problem are described, again, without delving into deep mathematical details.

Finally, as XML technology is central to data exchange for networked applications, the security aspects of XML are described. This includes the usage of XML within web services and SOAP messages, alongside protection measures such as XML signature and XML encryption. The discussion also covers weaknesses in these protection measures and XML-specific security issues, such as XML injection, XML external entity (XXE) attacks, XML bombs, and XPath injection.

Participants attending this course will

• Understand basic concepts of security, IT security, and secure coding
• Understand the requirements of secure communication
• Learn about network attacks and defenses at different OSI layers
• Have a practical understanding of cryptography
• Understand essential security protocols
• Understand some recent attacks against cryptosystems
• Gain information about some recent related vulnerabilities
• Understand security concepts of web services
• Obtain sources and further readings on secure coding practices

Audience

Developers, Professionals

Developing secure C and C++ code demands rigorous defenses against malicious exploitation, memory corruption, and input validation bypasses. This program explores vulnerability patterns such as buffer overflows, use-after-free errors, integer overflows, and type confusion. Participants will apply secure coding guidelines, static analysis tools, and defensive programming techniques to eliminate weaknesses, enforce input sanitization, and deliver hardened software that is resilient against cyberattacks.

Apache Groovy is a dynamic programming language that runs on the JVM (Java Virtual Machine). Key features include scripting capabilities, Domain-Specific Language (DSL) creation, runtime and compile-time meta-programming, and support for functional programming. Groovy is frequently used as a complement to Java.

In this instructor-led live training, participants will learn to program in Groovy by building a sample application step by step.

Audience

• Developers

Course Format

• A combination of lectures, discussions, exercises, and extensive hands-on practice

This instructor-led live training in Norway (online or onsite) is designed for beginner-level developers who want to learn the fundamentals of Groovy Programming.

By the end of this training, participants will be able to:

• Understand fundamental programming concepts.
• Write simple Groovy scripts and utilize core Groovy features.
• Understand and apply basic principles of object-oriented programming using Groovy.
• Learn basic error-handling techniques to manage common programming errors and exceptions in Groovy.

This instructor-led, live training in Norway (online or onsite) is designed for intermediate-level Java developers who want to design, develop, deploy, and maintain microservices-based applications using Java frameworks such as Spring Boot and Spring Cloud.

Upon completion of this training, participants will be capable of:

• Understanding the core principles and advantages of microservices architecture.
• Constructing and deploying microservices using Java and Spring Boot.
• Implementing service discovery, configuration management, and API gateways.
• Effectively securing, monitoring, and scaling microservices.
• Deploying microservices using Docker and Kubernetes.

This instructor-led, live training in Norway (available online or onsite) is tailored for intermediate to advanced developers seeking to master the development of microservices using Spring Boot, Docker, and Kubernetes.

By the end of this training, participants will be able to:

• Comprehend microservices architecture principles.
• Build production-ready microservices using Spring Boot.
• Understand the critical role of Docker in containerizing microservices.
• Configure Kubernetes clusters to deploy and orchestrate microservices.

This instructor-led live training in Norway (online or onsite) is designed for developers who wish to use Quarkus to build, test, and deploy applications, fully leveraging Java while minimizing resource utilization.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start developing applications with Quarkus.
• Build, compile, and run applications in native mode using GraalVM.
• Utilize Quarkus tooling and extensions for building native applications using Maven.
• Containerize, execute, and deploy applications with Docker.

This instructor-led, live training in Norway (online or onsite) is aimed at intermediate-level to advanced-level developers and architects who wish to develop Java native applications and microservices using Quarkus with optimized memory usage and startup time.

By the end of this training, participants will be able to:

• Develop high-performance, lightweight Java native applications using Quarkus.
• Build and deploy RESTful services and microservices architectures.
• Use GraalVM for native compilation and optimize startup and memory efficiency.
• Package and containerize applications for Kubernetes and OpenShift environments.

This instructor-led, live training in Norway (online or on-site) is aimed at software architects and web developers who wish to use RabbitMQ as messaging middleware and program in Java using Spring to build applications.

By the end of this training, participants will be able to:

• Use Java and Spring with RabbitMQ to build applications.
• Design asynchronous message-driven systems using RabbitMQ.
• Create and apply queues, topics, exchanges, and bindings in RabbitMQ

This instructor-led, live training in Norway (online or onsite) is aimed at web developers who wish to build functional front-end and back-end web applications with Spring Boot, React, and Redux.

By the end of this training, participants will be able to:

• Build a front-end application with React and Redux.
• Create RESTful APIs with Spring Boot.
• Secure web services with Spring security and JWT web tokens.

This instructor-led, live training in Norway (available online or on-site) is designed for Java developers who wish to use the Spring 5 framework to develop and deploy enterprise web applications.

By the end of this training, participants will be able to:

• Install and configure Spring 5.
• Understand and implement Spring 5's latest features.
• Access databases with Spring Application.
• Use the new reactive web framework, WebFlow, to make an application reactive.
• Integrate a Spring application with legacy Java EE applications.
• Test and deploy an enterprise-grade Spring application.

Spring stands as a robust Java framework that streamlines enterprise application development through advanced dependency injection, modular architecture, and efficient configuration mechanisms.

Designed for Java developers at the beginner level, this instructor-led live training (available online or onsite) focuses on creating modern, production-grade web applications. Participants will utilize the latest Spring Framework and Spring Boot 3.5.5 alongside Java 21.

Upon completing this training, learners will be equipped to:

• Grasp Spring’s foundational concepts, including Inversion of Control (IoC), Dependency Injection (DI), and Aspect-Oriented Programming (AOP).
• Set up Spring applications using XML, annotations, and JavaConfig.
• Construct RESTful services leveraging Spring Boot and JPA.
• Execute CRUD operations, manage transactions, and oversee data persistence.
• Leverage advanced Spring capabilities such as profiles, exception handling, and data serialization.

Training Format

• A concise theoretical overview followed by extensive practical exercises.
• Practical implementation using real-world scenarios.
• Interactive dialogue and guided troubleshooting sessions.

Course Customization

• For tailored training arrangements, please reach out to us directly.

Spring WebFlux is a reactive programming module within the Spring Framework designed for building non-blocking, event-driven web applications.

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level Java developers who wish to build scalable and responsive applications using Spring WebFlux.

By the end of this training, participants will be able to:

• Understand the fundamentals of reactive programming with Project Reactor.
• Build and test non-blocking RESTful APIs using Spring WebFlux.
• Integrate WebFlux with databases and external services.
• Apply reactive patterns to real-world application scenarios.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Norway (online or onsite) targets developers looking to utilize WebFlux for developing and deploying reactive applications.

Upon completion of this training, participants will be able to:

• Install and configure Spring 5 and the WebFlux framework.
• Develop reactive applications and services.