January 22, 2008

Java Security Course Revised

Capstone has revised its primary Java security course: Course 107, "Java Development for Secure Systems." We've implemented a wide range of improvements:

  • The course now covers the latest platforms: Java SE 6 and Java EE 5.
  • We've pared down and refocused the Java SE best-practices chapter, and added a small case study on code-injection attacks.
  • We've automated more of the JAAS configuration chores for web applications, carrying out most of them in scripted builds.
  • Web-application builds are simpler and more straightforward, as the course has adopted the Ant build framework that's common to Capstone's Java-EE courseware.
  • The course sports a new Java EE best-practices chapter, including coverage of SQL injection, cross-site scripting, OWASP, error handling, logging, and auditing techniques.

Version 6.0 of Course 107 is available now -- and Course 106, Advanced Java, has to know it's in our sights ...