In this liveProject, you’ll tackle risks caused by unsafe input and output handling in your application. These bugs can make your application vulnerable to reflected and stored attacks such as Cross-Site Scripting (XSS). You’ll identify insecure code and develop fixes to securely handle inputs from untrusted sources, safely manage your encoded data, and avoid unsafe calculations with numeric data types. You will be provided with resource material to identify the problems and will replace the vulnerable Java with secure code to protect against attacks.
This liveProject is designed to be accessible to Java programmers of all skill levels. To begin this liveProject you will need to be familiar with:
- Experience with either Eclipse IDE or IntelliJ IDEA
- RegEx for search and replace
you will learn
In this liveProject, you’ll learn secure coding techniques that you can apply to future code you write or review.
- Handling text from untrusted sources
- Safely logging untrusted data
- Working with encoded data
- Avoiding unsafe calculations with numeric data types
- RegEx and string filtering
- You choose the schedule and decide how much time to invest as you build your project.
- Project roadmap
- Each project is divided into several achievable steps.
- Get Help
- While within the liveProject platform, get help from other participants.
- Compare with others
- For each step, compare your deliverable to the solutions by the author and other participants.