Certified Secure Programmer

Course Date:

Registration Period:

24 hours / 3 days

9:00am to 6:00pm

Mode of Training:
Facilitated Learning (F2F)

Singapore Polytechnic

Course Objective

ECSP-Java is a comprehensive course that provides hands-on training covering Java security features, policies, strengths, and weaknesses. It helps developers understand how to write secure and robust Java applications.

It also provides advanced knowledge in various aspects of secure Java development that can effectively prevent hostile and buggy code.

The benefits of secure Java coding practices include saving valuable effort, money, time, and possibly the reputation of organizations using Javacoded applications.

Course Outline

• Java security principles and secure coding practices
• Java Security Platform, Sandbox, JVM, Class loading, Bytecode verifier, Security Manager, security policies, and Java Security Framework
• Secure Software Development Lifecycle, threat modelling, software security frameworks, and secure software architectures
• Best practices and standards and guidelines for secure file input/output and serialization
• Java input validation techniques, validation errors, and best practices
• Java exceptions, erroneous behaviors, and the best practices to handle or avoid them
• Secure authentication and authorization processes
• Java Authentication and Authorization Service (JAAS), its architecture, Pluggable Authentication Module (PAM) Framework, and access permissions through Java Security Model
• Secure Java concurrency and session management that includes Java Memory Model, Java Thread Implementation methods, secure coding practices, and guidelines for handling threads, race conditions, and deadlocks
• Core security coding practices of Java Cryptography that includes Encryption, Key Generator, implementation of Cipher Class, Digital Signatures, Secret Keys, and Key Management
• Various Java application vulnerabilities such as Cross-Site Scripting (XSS), Cross Site Request Forgery (CSRF), Directory Traversal vulnerability, HTTP Response Splitting attack, Parameter Manipulation, Injection Attacks and their countermeasures
• Coding testing and review techniques and practices

Suitable for

The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with Java. It is designed for developers who have Java development skills.

Minimum Entry Requirements / Assumed Skills and Knowledge

Participants should be familiar with Java development and programming.

Award / Certification / Accreditation

The ECSP Java exam will be conducted on the last day of training. Students need to pass the exam to receive the ECSP certification from EC Council

Mode of Assessment

Students need to pass the exam which will be conducted on the last day of training.

Applicants/EligibilityTotal fees (incl. GST)
Singapore Citizens aged 40 and above1$145.20
Singapore Citizens aged below 40$385.20
Singapore Permanent Residents$385.20
SME-sponsored Singapore Citizens and Permanent Residents2$145.20
Full Course Fee$1,284.00
Singaporeans aged 25 years and above may use **SkillsFuture Credit balance to offset respective course fees.

1Under the SkillsFuture Mid-career Enhanced Subsidy. For more information, visit the SkillsFuture website here
2 Under the Enhanced Training Support for Small & Medium Enterprises (SMEs) Scheme. For more information of the scheme, click here. To view SP’s list of similar funded courses, click here. Please submit the attached “Declaration Form for Enhanced Training Support Scheme for SME” together with your online application.

Funding Incentives

Please click here for more information on funding incentives.

Register Here

Eligible for SkillsFuture Credit
Terms and Conditions

*Please note that once the maximum class size is reached, the online registration will be closed.
You may register your interest, and would be notified if there is new run.

Application Procedure

1. All applications must be made via Online Registration at www.pace.sp.edu.sg
Course fees can be paid by the following payment modes:

a) Credit Cards, Internet Banking, NETS (Not Applicable for company sponsored)
For e-payment using Visa/Master cards and Internet Banking, please click on the ‘Make e-Payment’ button on the acknowledgement page to proceed.

b) For NETS payment, you can pay at:
Singapore Polytechnic
PACE Academy

c) For payment via PayNow, please enter the UEN No. T08GB0056ACET and indicate the invoice/registration number. 

*With effect from 1 August 2021, cheque payment will not be available.

2. All successful applicants will be notified with a letter of confirmation via email.

Chat with us