Security
Software Development
5 simple rules for securely storing passwords
Far too frequently, systems are hacked and their user databases are compromised. And there are far too many cases where…
Software Development
Authentication Mechanisms for Web Applications
Authentication is the basic requirement for most websites. However, there are many mechanisms to implement authentication and they are…
Agile
Putting Security into Sprints
To build a secure app, you can’t wait to the end and hope to “test security in”. For teams who…
Software Development
“NoSQL Injection” – What 40000 Unsecured MongoDB Databases Mean for our Industry
The news is all over reddit… Major security alert as 40,000 MongoDB databases left unsecured on the internet Security is…
Enterprise Java
How to secure Jersey REST services with Spring Security and Basic authentication
In my previous blog post, Quick way to check if the REST API is alive – GET details from Manifest…
Software Development
Introduction to MongoDB Security
Last week at the Paris MUG, I had a quick chat about security and MongoDB, and I have decided to…
Enterprise Java
Required Reading: Iron Clad Java
They didn’t teach appsec in Comp Sci or in engineering or MIS or however you learned how to program. And…
Software Development
If you got bugs, you’ll get pwned
The SEI recently published some fascinating research which shows a clear relationship between software quality and software security. The consensus…
Enterprise Java
Self-Signed Certificate for Apache TomEE (and Tomcat)
Probably in most of your Java EE projects you will have part or whole system with SSL support (https) so…