
Secure Development with Oracle Application Express:
1 Day Onsite or 7 Hour Online Hands-On Training.

 

Over the years, APEX applications have become increasingly secure and hardened by default. However, without a proper understanding of web-based exploits and how to guard against them, it is still very easy for developers to create applications that are not secure.
This course is meant for developers working in environments where security matters. Students will learn about various techniques hackers may use and how those techniques can be mitigated using a combination of built-in APEX tools and other tools in the Oracle ecosystem.



 

  1. Controlling User Access
    1. Overview of the problem and solutions
    2. Anatomy of an Authentication Scheme
    3. Public Pages vs. Authenticated Pages
    4. Page Level Authorization
    5. Button and Process Authorization
    6. On-demand Process Authorization
    7. File Upload
  2. Protecting Items and Session State
    1. Overview of the problem and solutions
    2. Validations
    3. Hidden and Protected
    4. Page Access Protection
    5. Session State Protection
    6. PREPARE_URL Considerations
    7. Ajax Considerations
    8. Read-Only
  3. Guarding Against Cross-Site Scripting
    1. Overview of the problem and solutions
    2. Report Column Display Type
    3. Report Column Formatting – HTML Expressions
    4. Report Column Formatting – Column Link
    5. Report Column Formatting – List of Values
    6. Direct Output
  4. Guarding Against SQL Injection
    1. Overview of the problem and solutions
    2. Dynamic SQL – Execute Immediate
    3. Dynamic SQL – Cursors
    4. Dynamic SQL – APEX API
    5. Dynamic SQL – Function Returning SQL Query
    6. Substitution Variables
  5. Other Security Concerns and Options
    1. Using SSL
    2. Apache Reverse Proxy
    3. Securing Apache
    4. APEX Instance Security Attributes
 