Security
Enterprise Java
Fixing common Java security code violations in Sonar
This article aims to show you how to quickly fix the most common Java security code violations. It assumes that…
Software Development
How to Cheat at Application Security
Developers need to know a lot in order to build secure applications. Some of this is good software engineering and…
Software Development
Outbound Passwords
Much has been written on how to securely store passwords. This sort of advice deals with the common situation where…
Software Development
XACML In The Cloud
The eXtensible Access Control Markup Language (XACML) is the de facto standard for authorization. The specification defines an architecture (see…
Software Development
Security Requirements With Abuse Cases
Gary McGraw describes several best practices for building secure software. One is the use of so-called abuse cases. Since his…
Software Development
Bcrypt, Salt. It’s The Bare Minimum.
The other day I read this Ars Technica article and realized how tragic the situation is. And it is not this…
Enterprise Java
Cross Site Scripting (XSS) and prevention
Variants of Cross site scripting (XSS) attacks are almost limitless as mentioned on the OWASP site (https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)). Here I propose…
Software Development
WSO2 Identity Server: Identity Management platform
WSO2 Identity Server provides a flexible, extensible and robust platform for Identity Management. This blog post looks inside WSO2 Identity…
Enterprise Java
Spring security 3 Ajax login – accessing protected resources
I have seen some blogs about Spring Security 3 Ajax login, however I could not find any that tackles how…