Security
-
Agile
Appsec’s Agile Problem
Agile development has a serious Appsec problem. Most Agile development teams suck at building secure software. But one of the…
-
Software Development
This is Stuff: Cryptography & Theory 1: Meaning of Secure
Cryptography & Theory is a series of blog posts on things I learned in the Coursera Stanford online crypto class. The class contained…
-
Enterprise Java
Spring Security – Behind the scenes
Security tasks such as authentication of user and authorization of a user to view application resources are usually handled by…
-
Software Development
Top 10 Web Application Security Risks From OWASP
The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software.…
-
Enterprise Java
Authentication and Authorization as an open source solution service
Designing a centralized service for all user data by implementing authentication and authorization (a&a) mechanism. I’ll share my experience and finalize…
-
Software Development
Landscapes in Mobile Application Security
There are different aspects in Cloud and Mobile application security – and in different angles you can look into…
-
Core Java
How to use ECC with OpenJDK
Everyone who ever tried to use Elliptic Curve Cryptography (ECC) in Java with an OpenJDK was either forced to use…
-
Core Java
Creating Password-Based Encryption Keys
This article discusses creating password-based encryption PBE keys. First a reminder of earlier points – as a rule you should,…
-
Enterprise Java
WS-Security: using BinarySecurityToken for authentication
As we all know, one goal set by WS-Security is to enforce integrity and/or confidentiality on SOAP messages. In case…