Secure Developer Java (Inc OWASP) Training Course

By the end of this training, participants will be able to:

• Explain application security and vulnerabilities
• Describe ABAP programming best practices and handling of SY-SUBRC
• Understand injection vulnerabilities
• Describe security testing tools
• Explain ATC and CVA

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

This instructor-led, live training in Macao (online or onsite) is aimed at web developers who wish to use Angular and Spring Boot to build full stack applications.

By the end of this training, participants will be able to:

• Develop a full stack application with Angular and Sping Boot.
• Build a backend application with Spring Boot.
• Create frontend applications with Angular.
• Use Spring Security to configure authentication for a full stack application.

Implementing a secure networked application can be difficult, even for developers who may have used various cryptographic building blocks (such as encryption and digital signatures) beforehand. In order to make the participants understand the role and usage of these cryptographic primitives, first a solid foundation on the main requirements of secure communication – secure acknowledgement, integrity, confidentiality, remote identification and anonymity – is given, while also presenting the typical problems that may damage these requirements along with real-world solutions.

As a critical aspect of network security is cryptography, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement are also discussed. Instead of presenting an in-depth mathematical background, these elements are discussed from a developer's perspective, showing typical use-case examples and practical considerations related to the use of crypto, such as public key infrastructures. Security protocols in many areas of secure communication are introduced, with an in-depth discussion on the most widely-used protocol families such as IPSEC and SSL/TLS.

Typical crypto vulnerabilities are discussed both related to certain crypto algorithms and cryptographic protocols, such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE and similar, as well as the RSA timing attack. In each case, the practical considerations and potential consequences are described for each problem, again, without going into deep mathematical details.

Finally, as XML technology is central for data exchange by networked applications, the security aspects of XML are described. This includes the usage of XML within web services and SOAP messages alongside protection measures such as XML signature and XML encryption – as well as weaknesses in those protection measures and XML-specific security issues such as XML injection, XML external entity (XXE) attacks, XML bombs, and XPath injection.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Understand the requirements of secure communication
• Learn about network attacks and defenses at different OSI layers
• Have a practical understanding of cryptography
• Understand essential security protocols
• Understand some recent attacks against cryptosystems
• Get information about some recent related vulnerabilities
• Understand security concepts of Web services
• Get sources and further readings on secure coding practices

Audience

Developers, Professionals

Apache Groovy is a JVM (Java Virtual Machine) dynamic programming language. Some of its features include scripting capabilities, Domain-Specific Language authoring, runtime and compile-time meta-programming and functional programming. Groovy is often used as a compliment to Java.

In this instructor-led, live training, participants will learn how to program in Groovy as they step through the creation of a sample application.

Audience

• Developers

Format of the course

• Part lecture, part discussion, exercises and heavy hands-on practice

This instructor-led, live training in Macao (online or onsite) is aimed at beginner-level developers who wish to learn the basics of Groovy Programming.

By the end of this training, participants will be able to:

• Understand the basic programming concepts.
• Write simple Groovy scripts and utilize Groovy core features.
• Understand and apply basic principles of object-oriented programming using Groovy.
• Learn basic error-handling techniques to manage common programming errors and exceptions in Groovy.

This instructor-led, live training in Macao (online or onsite) is aimed at intermediate-level Java developers who wish to design, develop, deploy, and maintain microservices-based applications using Java frameworks like Spring Boot and Spring Cloud.

By the end of this training, participants will be able to:

• Understand the principles and benefits of microservices architecture.
• Build and deploy microservices using Java and Spring Boot.
• Implement service discovery, configuration management, and API gateways.
• Secure, monitor, and scale microservices effectively.
• Deploy microservices using Docker and Kubernetes.

This instructor-led, live training in Macao (available online or onsite) is tailored for intermediate to advanced developers seeking to master the development of microservices using Spring Boot, Docker, and Kubernetes.

By the end of this training, participants will be able to:

• Comprehend microservices architecture principles.
• Build production-ready microservices using Spring Boot.
• Understand the critical role of Docker in containerizing microservices.
• Configure Kubernetes clusters to deploy and orchestrate microservices.

This instructor-led, live training in Macao (online or onsite) is aimed at developers who wish to use Quarkus to build, test, and deploy applications, fully-powered with Java, but with less resource utilization.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start developing applications with Quarkus.
• Build, compile, and run applications in native mode using GraalVM.
• Utilize Quarkus tooling and extensions for building native applications using Maven.
• Containerize, execute, and deploy applications with Docker.

This instructor-led, live training in Macao (online or onsite) is aimed at intermediate-level to advanced-level developers and architects who wish to develop Java native applications and microservices using Quarkus with optimized memory usage and startup time.

By the end of this training, participants will be able to:

• Develop high-performance, lightweight Java native applications using Quarkus.
• Build and deploy RESTful services and microservices architectures.
• Use GraalVM for native compilation and optimize startup and memory efficiency.
• Package and containerize applications for Kubernetes and OpenShift environments.

This instructor-led, live training in Macao (online or onsite) is aimed at software architects and web developers who wish to use RabbitMQ as a messaging middle-ware and program in Java using Spring to build applications.

By the end of this training, participants will be able to:

• Use Java and Spring with RabbitMQ to build applications.
• Design asynchronous message driven systems using RabbitMQ.
• Create and apply queues, topics, exchanges, and bindings in RabbitMQ

This instructor-led, live training in Macao (online or onsite) is aimed at web developers who wish to build functional front-end and back-end web applications with Spring Boot, React, and Redux.

By the end of this training, participants will be able to:

• Build a front-end application with React and Redux.
• Create RESTful APIs with Spring Boot.
• Secure web services with Spring security and JWT web tokens.

This instructor-led, live training in Macao (online or onsite) is aimed at Java developers who wish to use the Spring 5 framework to develop and deploy build enterprise web applications.

By the end of this training, participants will be able to:

• Install and configure Spring 5.
• Understand and implement Spring 5's latest features.
• Access databases with Spring Application.
• Use the new reactive web framework, WebFlow, to make an application reactive.
• Integrate a Spring application with legacy Java EE applications.
• Test and deploy an enteprise-grade Spring application.

Spring is a comprehensive Java framework that simplifies enterprise application development by providing powerful dependency injection, modular architecture, and streamlined configuration options.

This instructor-led, live training (online or onsite) is aimed at beginner-level Java developers who wish to build modern, production-ready web applications using the latest version of Spring Framework and Spring Boot 3.5.5 with Java 21.

By the end of this training, participants will be able to:

• Understand Spring’s core principles including IoC, DI, and AOP.
• Configure Spring applications using XML, annotations, and JavaConfig.
• Develop RESTful services using Spring Boot and JPA.
• Implement CRUD operations, handle transactions, and manage data persistence.
• Use advanced Spring features such as profiles, exception handling, and data serialization.

Format of the Course

• Brief theoretical introduction followed by extensive practical exercises.
• Hands-on implementation using real-world examples.
• Interactive discussion and guided troubleshooting.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Spring WebFlux is a reactive programming module within the Spring Framework designed for building non-blocking, event-driven web applications.

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level Java developers who wish to build scalable and responsive applications using Spring WebFlux.

By the end of this training, participants will be able to:

• Understand the fundamentals of reactive programming with Project Reactor.
• Build and test non-blocking RESTful APIs using Spring WebFlux.
• Integrate WebFlux with databases and external services.
• Apply reactive patterns to real-world application scenarios.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Macao (online or onsite) is aimed at developers who wish to use WebFlux to develop and deploy reactive applications.

By the end of this training, participants will be able to:

• Install and configure Spring 5 and the WebFlux framework.
• Develop reactive application and services.