Securing Java Web Application Data

This course gives you the APIs and tools for securing user data in Java as well as the concepts needed to level up your data-security awareness.
Course info
Rating
(16)
Level
Intermediate
Updated
Jun 21, 2019
Duration
2h 40m
Table of contents
Course Overview
Hashing Data
Managing Keys and Certificates
Serializing and Deserializing Data
Signing and Verifying Data
Encrypting and Decrypting Data
Transmitting Data over the Network
Description
Course info
Rating
(16)
Level
Intermediate
Updated
Jun 21, 2019
Duration
2h 40m
Description

Nearly every website holds onto or transmits user data, and that user data is a gold mine for hackers. We hear about penetrations into big companies with large troves of personal data almost daily. In this course, Securing Java Web Application Data, you will gain the ability to secure web application data using JCA, JSSE, and common open source Java libraries like Spring Vault Client and Google Tink. First, you will learn how to safely hash data. Next, you will discover secure serialization and deserialization. Finally, you will explore how to sign, verify, encrypt, and decrypt data. When you’re finished with this course, you will have the skills and knowledge of Web Application Security needed to secure its data.

About the author
About the author

Like many software craftsmen, Josh eats, sleeps, and dreams in code. He codes for fun, and his kids code for fun! Right now, Josh works as a full-time committer on Spring Security and loves every minute.

More from the author
Securing Spring Data REST APIs
Advanced
1h 41m
Feb 19, 2020
More courses by Josh Cummings
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Josh Cummings, and welcome to my course, Securing Java Web Application Data. I'm a principal software engineer on the Spring Security team. Did you know that even if 99% of all data were unhackable that still leaves a dataset the size of 30 Gmails ready to be intruded upon. The task at hand is truly daunting. This course is about using Java to make your data more secure. Some of the major topics that we'll cover include, the three rules of data stewardship, secure standards for hashing, including what makes MD5 so bad, the Java Deserialization Apocalypse, and how to protect your code from it, a deep dive into the JCA, and other APIs for key management signing and encryption, and how JSSE became associated with the most dangerous code in the world, and what to do about it. By the end of this course, you'll know how to use the principles of encoding, hashing, signing, and encryption in Java. Before beginning the course, you should be familiar with Java, including Java 8. From here, you should feel comfortable diving further into Java web application security with courses like, Securing Java Web Applications, and Securing Java Web Application Authentication. I hope you'll join me on this journey to learn Java web application security with the Securing Java Web Application Data course at Pluralsight.