Nearly every website holds onto or transmits user data, and that user data is a gold mine for hackers. We hear about penetrations into big companies with large troves of personal data almost daily. In this course, Securing Java Web Application Data, you will gain the ability to secure web application data using JCA, JSSE, and common open source Java libraries like Spring Vault Client and Google Tink. First, you will learn how to safely hash data. Next, you will discover secure serialization and deserialization. Finally, you will explore how to sign, verify, encrypt, and decrypt data. When you’re finished with this course, you will have the skills and knowledge of Web Application Security needed to secure its data.
Like many software craftsmen, Josh eats, sleeps, and dreams in code. He codes for fun, and his kids code for fun! Right now, Josh works as a full-time committer on Spring Security and loves every minute.
Course Overview Hi everyone. My name is Josh Cummings, and welcome to my course, Securing Java Web Application Data. I'm a principal software engineer on the Spring Security team. Did you know that even if 99% of all data were unhackable that still leaves a dataset the size of 30 Gmails ready to be intruded upon. The task at hand is truly daunting. This course is about using Java to make your data more secure. Some of the major topics that we'll cover include, the three rules of data stewardship, secure standards for hashing, including what makes MD5 so bad, the Java Deserialization Apocalypse, and how to protect your code from it, a deep dive into the JCA, and other APIs for key management signing and encryption, and how JSSE became associated with the most dangerous code in the world, and what to do about it. By the end of this course, you'll know how to use the principles of encoding, hashing, signing, and encryption in Java. Before beginning the course, you should be familiar with Java, including Java 8. From here, you should feel comfortable diving further into Java web application security with courses like, Securing Java Web Applications, and Securing Java Web Application Authentication. I hope you'll join me on this journey to learn Java web application security with the Securing Java Web Application Data course at Pluralsight.