search icon-carat-right cmu-wordmark

CERT Secure Coding in Java Professional Certificate

The CERT Secure Coding in Java Professional Certificate provides software developers with practical instruction based upon the CERT Secure Coding Standards. The CERT Secure Coding team teaches the essentials of designing and developing secure software in Java. Completion of this Professional Certificate will enable software developers to increase security and reduce vulnerability within the Java programs they develop.

To learn more about all the CERT Secure Coding Professional Certificates, please see: SEI Certificates.

The CERT Secure Coding in Java Professional Certificate is a certificate program that includes two courses and an examination, which are all available online. This Certificate program package includes the required courses, exam, and 2 e-books for continued study.

Secure Software Concepts

Secure Software Concepts explores basic security concepts and how security design principles protect the organization. Risk assessment and management, regulatory requirements, and software design are examined within the context of the organization's acquisition and development lifecycles to prepare the student for a deeper study of secure coding. This eLearning course contains two hours of video instruction that may be studied incrementally.

Secure Coding in Java

Secure Coding in Java provides a detailed explanation of common programming errors in Java and describes how these errors can lead to code that is vulnerable to exploitation. The course concentrates on security issues intrinsic to the Java programming languages and associated libraries. The intent is for this course to be useful to anyone involved in developing secure Java programs regardless of the specific application.

Instruction is accomplished through recorded lectures from SEI instructors. Course exercises allow the concepts taught to be applied in a virtual environment ‹ VM and exercise application files are supplied for download. This eLearning course contains (16) hours of video instruction of video, that may be studied incrementally, and four (4) optional exercises.

This course is also offered as instructor-led training at customer sites.

Secure Coding in Java Examination

The CERT Secure Coding in Java Professional Certificate concludes with an examination of the student's comprehension of the concepts presented in the preceding courses. The exam consists of 40 multiple choice questions. Students proceed through the exam at their convenience over 6 total hours. Students must achieve a passing score of 80%. Once answers are submitted, the exam will provide your score immediately and allow one opportunity to review and change responses to rescore, if necessary.

Please note that successful completion of all program components are necessary to achieve the professional certificate.

Audience

Java Software Developers

Objectives

Students will acquire a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors. In particular, students will learn how to

  • improve the overall security of any Java application
  • avoid injection attacks, such as SQL injection and XSS
  • understand Java's memory model, with a thorough grounding of concurrency, and learn how to prevent race conditions while avoiding deadlock
  • learn when to throw and catch exceptions
  • avoid I/O vulnerabilities, including file-based race conditions
  • learn how historical exploits on Java were executed and later disabled

Topics

Secure Software Concepts

Topics

  • Define the core security concepts
  • Understand how security design principles protect the organization
  • Understand information privacy requirements imposed by regulation
    • Sarbanes-Oxley (SOX)
    • Gramm-Leach-Bliley Act (GLBA)
    • Federal Information Security Management Act (FISMA)
    • Payment Card Industry (PCI)
  • Define governance, risk, and compliance as related to secure software development
  • Identify critical assets, risk, and security requirements
  • Assess and manage risk
  • Identify security tasks within various software development methodologies
  • Select and use software assurance methodologies presented

Secure Coding in Java

Topics

  • Input Sanitization and Validation
  • Objects and Methods
  • Exceptions
  • File I/O
  • The Java Memory Model
  • Concurrency
  • The Java Security Model
  • Historical Vulnerabilities and Exploits

Materials

Once registered, learners will be granted 24-hour-a-day access to the course material for 12 months.

Learners can proceed through the courses at their convenience and can review and repeat individual sections as often as needed.

Each course provides video-recorded training sessions that were presented by SEI CERT instructors to a classroom of students representing a variety of industries. Instructor demonstrations included with the courses explore and reinforce the concepts taught and how they can be successfully applied.

Secure Coding Concepts
  • 8 video training sessions with transcripts
Secure Coding in Java
  • 50 video training sessions with transcripts
  • 4 coding exercises

A copy of course slides is available to download.

The curriculum and materials are based upon the e-books, which are provided in the certificate package:

Prerequisites

  • A basic to intermediate understanding of the Java programming language
  • Software security knowledge or experience is not required

To access the SEI Learning Portal, your computer must have the following:

  • For optimum viewing, we recommend using the following browsers: Microsoft Edge, Mozilla Firefox, Google Chrome, Safari
  • These browsers are supported on the following operating systems: Microsoft Windows 8 (or higher), OSX (Last two major releases), Most Linux Distributions
  • Mobile Operating Systems: iOS 9, Android 6.0
  • Microsoft Edge, Firefox, Chrome and Safari follow a continuous release policy that makes difficult to fix a minimum version. For this reason, following the market recommendation we will support the last 2 major version of each of these browsers. Please note that as of January 2018, we do not support Safari on Windows.

This is an eLearning course.

Register Now

Course Fees [USD]

  • eLearning: $1,250.00

Schedule

Your access period of 12 months is based on your enrollment date.

Learners will have 12 months to complete both courses. Upon completing all elements of each course, the learner is awarded an electronic certificate of course completion. Upon completing both courses and successful completion of the certificate exam, the learner is awarded the CERT Secure Coding in Java Professional Certificate.

If you wish to purchase this course for a group of learners, please email courseregistration@sei.cmu.edu or telephone at +1 412-268-7388 for group rate details.




Course Questions?

Email: course-info@sei.cmu.edu
Phone: 412-268-7388

Related Courses

  • Secure Coding in Java

    4 - Day Course

    Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in Java programming. This four-day course provides a detailed explanation of common programming errors in Java and describes how these errors can lead to code that is...

    Learn More

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.