This is an immersive, practical training course that focuses on training web developers to build secure web applications, incorporate essential security elements into the applications – from the development stage to the deployment stage and beyond. The course also highlights the right practices and processes for the entire software development lifecycle. During the course, participants initiate attacks, provide defenses, learn the best practices and processes for coding secure web applications, including XML processing. The course equips participants with the skills and knowledge for identifying potential as well as real security vulnerabilities, and deploying the right defense measures for overcoming them, while also testing the adequacy of the defenses. The courses discusses the common vulnerabilities encountered in web applications and examines each of these vulnerabilities from a Java/JEE perspective.