This intensive training provides Java developers with the expertise to secure their web applications against common and advanced threats.
Participants will explore OWASP Top 10, SEI CERT, and Spring Security to prevent issues such as SQL Injection, XSS, Race Conditions, Log4Shell, and Spring2Shell.
Hands-on labs ensure practical application of security concepts through real-world coding exercises.

Regulatory Compliance (BDDK)

Fully aligned with the Regulation on Banks’ Information Systems and Electronic Banking Services (Articles 20, 22, 23, 25).

Key compliance areas:

Secure software development lifecycle (Article 20)
Versioning and change management (Article 22)
Security testing and vulnerability assessment (Article 23)
Information security awareness (Article 25)

Ideal for banks, financial institutions, and regulated industries requiring compliance training.

We can organize this training at your preferred date and location. Contact Us!

Who Should Attend

Java developers, software engineers, security analysts,
and professionals in banking or regulated sectors responsible for application security.

What You Will Learn

By the end of this training, you will have gained knowledge and skills in the following areas:

Identify and fix OWASP Top 10 vulnerabilities in Java applications.
Implement secure coding to prevent injection, XSS, and race conditions.
Use Java and Spring Security features effectively.
Harden authentication and session management.
Perform vulnerability assessments using SAST and DAST tools.
Mitigate modern threats such as Log4Shell and Spring2Shell.
Apply SEI CERT and Saltzer-Schroeder security principles.

Graduates of this course will be able to:

Develop and maintain secure Java applications,
Conduct vulnerability assessments,
Ensure full compliance with BDDK secure coding and testing standards.

Training Outline

Day 1:

IT Security foundations and OWASP Top 10
SQL, OS, and XML Injection
XSS attack analysis and prevention

Day 2:

Authentication, session handling, CSRF defense
Logic flaws, race conditions, file upload security
Business logic and path traversal

Day 3:

Java and Spring Security deep dive
EL Injection, AOP-based security, endpoint protection
Static and dynamic testing with Burp, ZAP, SQLMap
Secure coding principles and exam preparation

Certification

Online APMG multiple-choice exam
60 questions, 50% pass mark
Proctored remotely via the APMG Candidate Portal

Why Choose Us

Experience Certified Java and Web application security through Bilginç IT Academy's live and interactive virtual classroom environment, accessible from your home, office, or any location. Connect with expert trainers in real time and bring the energy of classroom learning into the digital experience.

Live Instructor-Led Sessions: Join scheduled training sessions with your instructor and fellow delegates in real time.
Interactive Learning Experience: Take part in discussions, practical exercises, group activities, and Q&A sessions throughout the course.
Expert Trainer Network: Learn from experienced trainers with strong industry backgrounds and practical field expertise.
Over 30 Years of Training Expertise: Benefit from Bilginç IT Academy's long-standing experience in delivering professional training since 1995.
Flexible and Scalable Delivery: Access live virtual classrooms worldwide with flexible planning options for individual and corporate training needs.

Experience Certified Java and Web application security in a focused classroom environment designed for high engagement and effective learning. Bilginç IT Academy's carefully selected training venues provide a professional setting where delegates can interact directly with expert trainers and peers.

Experienced Trainers: Learn from specialists with extensive field experience and real-world knowledge.
Professional Training Venues: Attend courses in comfortable, well-equipped classrooms designed to support effective learning.
Focused Classroom Experience: Benefit from limited class sizes that encourage discussion, interaction, and personalized support.
Quality-Driven Learning: Develop practical skills through structured, up-to-date, and professionally designed training content.

Meet your team's training needs with Bilginç IT Academy's onsite Certified Java and Web application security solution, delivered at your office or preferred location. Align your team's development with your business goals through a training experience tailored to your organization.

Tailored Course Content: Adapt the training program to your organization's projects, team structure, and specific business requirements.
Time and Cost Efficiency: Reduce travel, accommodation, and operational costs while maximizing the value of your training investment.
Team-Focused Learning: Help your employees develop around the same knowledge base and strengthen collaboration across your organization.
Simplified Planning and Tracking: Manage the training process, participant development, and organizational requirements with greater control.

Why have you chosen us?

I have attended a training from Bilginc IT Academy before and I was satisfied.

I have attended a training from a different provider and it was not helpful.

Other

How many employees do you have in your IT department?

0 – 50

50 – 250

250 – 1000