This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Java Security Overview

Jump to: navigation, search


Registration | Hotel | Walter E. Washington Convention Center


Course Length: 1 Day The course on one hand introduces the basic security solutions provided by the Java language and the Java Runtime Environment, tackling issues like the Java Security Architecture and the security services of the Java Standard Edition. On the other hand it provides a comprehensive introduction to Java specific security vulnerabilities. Besides the presentations being continuously updated by the latest advances in the software development industry and the most recent achievements of our security research laboratory, attendees can learn how to use Java security features and can examine and correct typical implementation bugs in example source code snippets through a number of hands-on exercises, prepared in a plug-and-play manner by using a preset VMware virtual machine.

Student Requirements

Students will need to bring a laptop with VMWare


Skill: Intermediate, Advanced

  1. The objective of the course is to provide essential security skills not just for security engineers but also for all programmers, software architects, analysts, testers and reviewers.
  2. The course raises the awareness of attendees to practical security problems by demonstrating the dangers of exploitable vulnerabilities and by giving an insight to the organized underground, the spam-distribution, phishing, bot-nets and all threats that are built on the exploitation of those implementation flaws.
  3. Attendees learn how to avoid these dangers, how to write secure code, how to apply architectural techniques and use applicable security services to increase the quality and security of software products in a cost-effective way.


Instructor: Zoltán Hornák. The owner and managing director of SEARCH-LAB, Zoltán completed his degree at the Technical University of Budapest. He spent eight years in the anti-virus industry as the development director of VirusBuster, and then worked as a security consultant. He established SEARCH Laboratory and launched two spin-off companies. He has led numerous R&D projects and product security audits for market leading ICT companies. He is a lecturer at the Budapest University of Economics and Technology and gives secure coding courses worldwide. He is a CISA, a member of the ISACA, the SAFECode and the John von Neumann Computer Society.