Course intended for:

The training is intended for programmers developing applications in the Java environment, in particular those who develop systems with high security requirements.

Course objective:

The participants will be able to properly use Java language mechanisms and classes, in particular with regard to problems associated with software data validation, application synchronization, use of the proper classes, and cooperation of the Java language with native libraries. The trainers will discuss the guidelines of the CERT Oracle Secure Coding Standard for Java / Oracle Secure Coding Guidelines for Java SE in this regard.

For each of the topics presented, its implementation on the Java platform will be discussed, with practical examples carried out by the participants in the form of short programming tasks. The participants will be able to experience the consequences of seemingly correct implementations that use Java language mechanisms and classes. Performing the tasks and observing how the software behaves will help them avoid errors in the future, making it easier to develop reliable and secure Java applications. During the training, tools that aid application validation will also be discussed in the light of the CERT/Oracle guidelines.

In particular, the participants will gain practical knowledge of various traps associated with implementing applications in the Java language.


The training participants are expected to be familiar with Java programming (a skill that can be acquired during the J/JP course). Web application programmers should separately attend the training "Principles of safe development and maintenance of Web applications on the Java Enterprise platform".

Course parameters:

3*8 hours (3*7 net hours)

The training consists of workshops and lectures.

Course curriculum

  • Trust boundaries in Java

  • Basics of the permission-granting mechanism in Java and JAAS

  • CERT and Oracle guidelines

    • Data processing

    • Initialization of variables and objects

    • Proper use of object orientation mechanisms in Java

    • Expressions, numeric types

    • Exception handling

    • Threads and synchronization

    • Management of input/output streams

    • Serialization

    • Runtime environment security

    • Java Native Interface

    • Android System

    • Advanced aspects of Class Loading

    • Known imperfections of the Java language

  • Practices contributing to secure code development

    • Defensive programming

    • Design by contract

  • Tools that support implementation in accordance with the CERT/Oracle guidelines

Any questions?

Phone +48 22 2035600
Fax +48 22 2035601