Tag: architecture

Description

Security by design is a fundamental approach, nowadays every Java developer should implicitly consider it while writing any piece of code, even though it might or might not be an explicit quality attribute.

This course reveals key concepts, principles, and approaches that are used to design applications where security is a first-class quality attribute. Upon completion, you’ll have a thorough understanding of security principles that you can apply to your project.

Key concepts covered in this course

  • Security design principles (e.g. least privilege, defense in depth, minimization, compartmentalization, simplicity, fail securely, etc)
  • OAuth 2.0 grant types
    • Implicit Flow
    • Password Grant
    • Client Credentials
    • Authorization Code
  • Refresh/access tokens
  • APIs (micro)services security
    • Token introspection
    • JSON Web Key Set (JWKS)
    • Permissions based access control
    • JWT vulnerabilities (e.g. “alg”: “none”)
  • Java process security
    • Input data sanitization techniques
    • Dealing with input files from external sources
    • Whitelisting vs. blacklisting approach
    • Efficient logging patterns
    • Randomly generated numbers
    • Java serialization
    • JVM Security Manager
  • Mitigating attacks
    • SQL injection
    • XML external entity
    • DoS via input data
  • Docker containers security

 

Duration

  • 12 hours

 

Target Audience

  • Java developers
  • application security geeks
  • technical leaders
  • software architects

 

People from the following companies attended my courses:

 

Enroll

Note: At the moment this course is available only for companies, teams, or groups of students. The individual subscription (i.e. single person) is not an option at the moment.

 

Description

The goal of the course is to outline key concepts, principles, and approaches used to design applications where high-performance, scalability, and resiliency are first-class quality attributes.

By the end of this course, candidates will have acquired in-depth knowledge about how to describe business requirements, how to design and implement high-performance, scalable, and resilient applications, and how to create a proper testing plan.

Key concepts covered in this course

  • Different metrics are used to quantify performance, scalability, and resilience, such as response time, latency, resource utilization, percentiles, availability, etc.
  • How to properly define business requirements about performance, scalability, and resilience, for a particular workload and under a specific working mode.
  • Modern architectural styles that might be used while designing high-performance, scalable, and resilient applications, with their pros and cons (e.g. microservices, event-driven, reactive, serverless, etc.).
  • Architectural tactics to achieve high-performance (e.g. caching, batching, lazy loading, throttling, optimistic locking, back pressure, etc.), scalability (e.g. data push, data pull, distributed and parallel processing, etc.), and resiliency (e.g. replication, redundancy, disaster recovery, circuit breaker, bulkheads, etc.)
  • Advanced high-performance development techniques such as NUMA, large pages, Data-Oriented Design, C-states, RamFS/TmpFS, memory access patterns, etc.
  • How to elaborate a test plan with a focus on stress, endurance, and load testing

 

Agenda

  • Architectural concepts pertaining to high-performance, scalable, and resilient applications
  • Defining non-functional business requirements for high-performance, scalable, and resilient applications
  • Architectural tactics for high-performance, scalability, and resiliency
  • Advanced development techniques in light of high-performance applications
  • Application testing
  • Examples of modern systems (e.g. Linkedin use case, Uber use case, etc.)

 

Duration

  • 16 hours

 

Target Audience

  • software developers
  • technical leaders
  • software/solution architects
  • test engineers
  • business analysts with a technical background or passionate about technology

 

Attendees’ Feedback

Excellent course content helping me to understand a lot of things, from a very high level and abstract to a very deep and technical perspective.
I recommend this course if you want to get in touch with real technical topics. The trainer clearly explained to them, even for less technical people.
The trainer was very well prepared. He answered all of our questions, even if they were not really the subject of the training.
I liked more the advanced part about how to tune an application, outside of the programming language, to get better performance.
Interesting and informative course, presented by a trainer who knows a lot of stuff. I got a lot of ideas and techniques that I can use to build more efficient applications in my daily job.

 

People from the following companies attended my courses:

 

Enroll

Note: At the moment this course is available only for companies, teams, or groups of students. The individual subscription (i.e. single person) is not an option at the moment.

 

Java Performance Tuning

This course covers JVM architecture, memory structure, Garbage Collectors, tuning, profiling, micro-benchmarking techniques, tips, and tricks.

Duration: 16 h


  

Software Architecture Essentials

This course introduces the main concepts and context of software architecture, roles, and responsibilities of a software architect, essential requirements identification, architectural design techniques, how to properly document and review the architecture.

Duration: 16 h


   

Designing High-Performance, Scalable, and Resilient Applications

The goal of the course is to outline key concepts, principles, and approaches used to design applications where high-performance, scalability, and resiliency are first-class quality attributes.

Duration: 16 h


   

Application Security for Java Developers

This course reveals key concepts, principles, and approaches that are used to design applications where security is a first-class quality attribute.

Duration: 12 h

   

I am an independent Technical Trainer, Software Architect, and Security Champion.

I speak at software development conferences and meetups around the world, delivering presentations, training courses, and workshops.

Please contact me if you are interested in conducting any software architecture, Java performance, or security course or workshop for your team or your company.

 

Professional Figures

       15  years of experience

     31+  articles, blog posts

     34+  conferences talks

         8  years of training

     70+  training sessions

   850+  trainees

 1200+  hours of training

     10+  training clients

         4  training countries

 

At Work

 

Contact

 

 

Social Media