-
Enterprise Java
Connecting to Kibana Within an AWS VPC
When you use the managed Elasticsearch service on AWS, you usually choose an encrypted connection (via KMS-managed keys), which means…
Read More » -
Enterprise Java
Content-Security-Policy Nonce with Spring Security
Content-Security-Policy is important for web security. Yet, it’s not mainstream yet, it’s syntax is hard, it’s rather prohibitive and tools rarely…
Read More » -
Software Development
Releasing Often Helps With Analyzing Performance Issues
Releasing often is a good thing. It’s cool, and helps us deliver new functionality quickly, but I want to share…
Read More » -
Software Development
Syntactic Sugar Is Not Always Good
This write-up is partly inspired by a recent post by Vlad Mihalcea on LinkedIn about the recently introduced text blocks…
Read More » -
Software Development
Let’s Kill Security Questions
Security questions still exist. They are less dominant now, but we haven’t yet condemned them as an industry hard enough…
Read More » -
Software Development
My Advice To Developers About Working With Databases: Make It Secure
Last month Ben Brumm asked me for the one advice I’d like to give to developers that are working with…
Read More » -
Software Development
OpenSSL Key and IV Padding
OpenSSL is an omnipresent tool when it comes to encryption. While in Java we are used to the native Java…
Read More » -
Enterprise Java
ElasticSearch Multitenancy With Routing
Elasticsearch is great, but optimizing it for high load is always tricky. This won’t be yet another “Tips and tricks…
Read More » -
Software Development
Is It Really Two-Factor Authentication?
Terminology-wise, there is a clear distinction between two-factor authentication (multi-factor authentication) and two-step verification (authentication), as this article explains. 2FA/MFA…
Read More »
