McAfee Introduces New Java Security Training Application @ JDJ

McAfee, the pioneer and worldwide leader of intrusion prevention solutions, today announced the availability of a new software security training application, called Hacme Books, developed by the company's leading security services group, Foundstone Professional Services, for use in its educational courses. The Hacme Books application simulates a 'real-world' eCommerce bookstore and was built with known and common vulnerabilities to teach application developers, programmers, architects and security professionals how to create secure Java software. Leveraging this new tool, software developers and architects can examine real exploits against Java applications and learn from the offending code in order to better understand vulnerabilities and how to repair them.

Hacme Books was designed with an architectural patterns driven approach to ensure that software is built securely from the beginning. While most application security techniques focus on compiling lists of vulnerability classifications and checklists to ensure security. By simulating real-world environments and attack scenarios, application developers can better understand how to design secure software by identifying the fundamental issues that can enable an attack, and what they can do to stop malicious activity.

"McAfee's Foundstone educational courses have been enormously successful in helping security professionals and software developers understand today's critical security issues and how hackers exploit vulnerabilities in real-world environments," said Mark Curphey, senior director of consulting for Foundstone Professional Services at McAfee. "By providing developers with the Hacme Books tool, we are now able to help them understand how to build secure web applications from the ground up."

Hacme Books was originally designed for the "Writing Secure Code Java (J2EE)" educational courses offered through Foundstone Professional Services. In the class, students are challenged with real world scenarios that are reinforced by practical and realistic code level lab exercises, and are given the opportunity to fix known issues and then entirely revamp the code for a simulated online bookstore.