Security
Enterprise Java
Apache Shiro Part 1 – Basics
Apache Shiro, originally called JSecurity, is a Java security framework. It was accepted and became an Apache top-level project in 2010.…
Core Java
Secure Password Storage – Don’ts, dos and a Java example
The importance of storing passwords securely: As software developers, one of our most important responsibilities is the protection of our…
Software Development
Building security into a development team
Getting application developers to understand and take responsibility for software security is difficult. Bootstrapping an Appsec program requires that you…
Software Development
AppSensor – Intrusion Detection
Imagine that you have created a nice web application and secured it to your best. Users came, used it and…
Software Development
Application Security at Scale
This week’s SANS AppSec conference in Las Vegas took on Application Security at Scale: how can we scale application security…
Core Java
Secure Encryption in Java
Last time I wrote about cryptography, I outlined the Apache Shiro crypto API and showed how to use its two symmetric…
Enterprise Java
Drools Guvnor – Manage access
Externalizing business or technical rules is very important for scalable applications, but the BRMS service access should be managed. guvnor…
Core Java
Investigating the HashDoS issue
Nearly one month ago I wrote some thoughts on how the HashDoS problem presented at the 28C3 or other…
Software Development
Introduction to Strong Cryptography
One thing that amazes me is that most developers are not familiar with strong cryptography. In my career, I’ve…