Web Security Training with Spring Boot

This training focuses on typical requirements for web applications, raises awareness about the most common security risks and imparts practical knowledge on countermeasures in both theory and practice.

Request now
Spring Boot Logo

At a glance

General information

2 days practical training

Target group

Software developers and security engineers (basic knowledge of Spring Boot required)

Application examples

Providing Security in Web Applications

Preventing discovered vulnerabilities during development

Description

The Training sessions are usually held in German. Please contact us if you are interested in Training sessions in English.

Increasingly, IT system security is becoming a focal point for companies. This is because they are exposed to potential threats as a result of their networking, architecture and implementations. Many applications are now available online in the form of web apps or APIs, and a single security vulnerability can be enough for attackers to invade the system and cause damage.

To control this risk, security requirements must be considered from the very start of the software development process. Software developers must be aware of attack vectors in order to identify and avoid typical vulnerabilities. This training focuses on typical requirements for web applications, raises awareness about the most common security risks and imparts practical knowledge on countermeasures in both theory and practice.

On the first day of training, participants are sensitised to the risks of inadequate security in web applications. In addition, the most common problem areas are presented using the OWASP Top 10. To make theoretical knowledge hands-on, participants are given the opportunity to hack an intentionally vulnerable web application themselves. After all, only those who know about an attacker’s capabilities can consider and implement appropriate countermeasures when developing a software project.

On the second day, participants will learn how to prevent discovered vulnerabilities already during development. The focus here will be on the Spring Boot platform. Participants learn how Spring Security’s various security mechanisms are structured, how they can be used correctly and which configurations have proved to be successful in practice. Using a sample project, participants can implement this knowledge directly in the code. The training concludes with an outlook on integrating security measures into agile development processes.

Agenda

Day 1

Motivation: Why is software security important?

  • Security as an integral part of modern software systems
  • Current threats and requirements

-OWASP Top 10

  • The ten most common security risks in web applications
  • Countermeasures for defence

Live hacking:

  • Independent discovery and exploitation of vulnerabilities in a provided web app that is deliberately vulnerable
  • Becoming familiar with the attack capabilities of an attacker

 

Day 2

Spring Boot security

  • Principles, methods and components
  • Secure configuration and operation

Practical section: Securing a basic Spring Boot application

  • Identification of classic security pitfalls in a Spring Boot context
  • Incremental pitfall removal/securing

Security in agile development projects

  • Continuous security in the software development lifecycle
  • Best practices for methods and activities

Typical questions we answer:

  • What attackers and threats should I keep an eye on for my application?
  • What are the most common security problems in web applications?
  • How can I properly secure a single-page application?
  • What does correct authentication and authorisation look like on the web?
  • How do I develop my Spring boot backend securely?
  • How does an attacker proceed if he wants to harm my application?
  • How do I test a web application against common vulnerabilities?
Web Security Training with Spring Boot
€1,400.00 (plus VAT)
This training is currently on demand only - contact us now.
Request now
€1,400.00 (plus VAT)

Training forms

Training forms according to your needs: Open trainings take place on fixed dates in mixed groups at an inovex location, inhouse trainings you book individually – configurable as desired.

Inhouse training

  • Training agenda customizable to the group and the project
  • Confidential atmosphere (trainers are under NDA)
  • Configurable according to your needs: place, time, language, tooling
Request now

Open training

  • optimal for individuals
  • new impulses from other participants
  • getting to know other people interested in tech

Trainers

Our trainers are field-tested experts in their areas of expertise. Through their work in projects, they expand their knowledge day by day and pass on this know-how in their trainings - application-oriented and practice-oriented.

Portraitfoto von Clemens Hübner

Clemens Hübner

ISTOB Zertifizierung
Certified Professional for Project Management Badge
Clemens Hübner has been a security expert at inovex for 3 years. In his area of expertise he focuses on web application security, authentication and security testing. Integrating security awareness and measures in agile development teams is his personal motivation.

Frequently Asked Questions

Will I receive a certification as a result of the training?
All participants will receive a certificate of participation from the inovex Academy after the training.
On what basis was the training content designed?
The training is based on the OWASP Top 10 and the trainers' experience with developing secure web applications with Spring Boot.
How can I prepare for the training?
You should have an executable development environment for Java and the Spring Framework that you are familiar with ready to use.
When does the training start?
Our trainings start at 09:00 Central European Time.
Do I get an invitation? When do I get it?
The trainer sends out the invitations about 1 week before the start of the training. In addition to the agenda and the schedule, any preparations (installation of software, etc.) will be pointed out again.

Web Security Training with Spring Boot

Expand your skills and develop your expertise! Our experienced trainers will help you achieve your goals. Sign up and take your know-how to a new level! Request now