search menu icon-carat-right cmu-wordmark

CERT Secure Coding in Java Professional Certificate

Certificate • Information Security

CERT Secure Coding in Java Professional Certificate

The need for qualified experts to support organizations in the development of secure software is now greater than ever. To meet this growing demand, we share solutions that are developed as part of our important research. The most effective way for developers to improve software security is to eliminate vulnerabilities during development—before the software is released to users. We offer two certificates in secure coding: Secure Coding in Java, described here, and Secure Coding in C and C++. Both certificates can be earned entirely through online training.

Build More Secure Software

The CERT Secure Coding in Java Professional Certificate helps software developers increase security and reduce vulnerabilities in the Java programs they develop. It provides software developers with practical instruction based on the CERT Oracle Secure Coding Standard for Java, which was curated from the contributions of leading experts for the Java programming language.

The CERT Division has been extremely successful in developing secure coding standards, which have been adopted at the corporate level by companies such as Cisco and Oracle. The success of the secure coding standards contributed to the impetus for including software assurance requirements in the National Defense Authorization Act (NDAA) for Fiscal Year 2013.

Our certificate program helps organizations train their teams to eliminate vulnerabilities during development, which can result in reductions in the total cost of repairing code compared to making the repairs after development. In two courses, the CERT Secure Coding team teaches the essentials of designing and developing secure software in Java; participants demonstrate their comprehension of the concepts in an examination.

Benefits of the CERT Secure Coding in Java Certificate

Completion of this professional certificate enables software developers to increase security and reduce vulnerability in the Java programs they develop. Participants acquire a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors. In particular, participantslearn how to

  • improve the overall security of any Java application
  • avoid injection attacks, such as SQL injection and XSS
  • understand Java's memory model and learn how to prevent race conditions while avoiding deadlock
  • learn when to throw and catch exceptions
  • avoid I/O vulnerabilities, including file-based race conditions
  • learn how historical exploits on Java were executed and later disabled

After completing the certificate, participants may choose to be listed on the SEI website as an SEI Certificate Holder.

Who Should Get This Credential?

  • Java developers in government and industry organizations who want to increase the security of their code and reduce its vulnerability to attack
  • IT professionals who want to obtain a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors

Term and Renewal

The CERT Secure Coding in Java Professional Certificate does not expire.

Summary of Fees

Participants pay fees for courses and the exam; there is no additional fee for the certificate.

eLearning package: $1,250

Organizations considering this training for a group of participants can take advantage of eLearning group discounts or schedule a private, instructor-led, onsite training delivery. Email course-info@sei.cmu.edu or telephone +1 412-268-7622 for details.

Certificate Process

To earn this certificate, complete the following courses and the exam within 12 months:

  Classroom eLearning Onsite
Secure Software Concepts  

 
Secure Coding in Java  

Secure Coding in Java Examination  

 

Download a PDF about this certificate.

Secure Software Concepts

Secure Software Concepts explores basic security concepts and how security design principles protect the organization. Risk assessment and management, regulatory requirements, and software design are examined within the context of the organization's acquisition and development lifecycles to prepare the student for a deeper study of secure coding. This eLearning course contains 2 hours of video instruction that may be studied incrementally.

Secure Coding in Java

Secure Coding in Java provides detailed instruction about common programming errors in Java and describes how these errors can lead to code that is vulnerable to exploitation. The course concentrates on security issues intrinsic to the Java programming languages and associated libraries. This eLearning course contains 16 hours of video instruction, which may be studied incrementally, and 4 online exercises performed in the virtual lab environment.

Secure Coding in Java Examination

The CERT Secure Coding in Java Professional Certificate concludes with an examination of the student's comprehension of the concepts presented in the preceding courses. The exam consists of 40 multiple-choice questions. Students proceed through the exam at their convenience over 6 total hours. Students must achieve a passing score of 80%.

Related Courses

Secure Coding in Java

4
4 - Day Course • Network & Software Security

Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in Java programming. This four-day course provides a detailed explanation of common programming errors in Java and describes how these errors can lead to code that is...

Register

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.