Tag Archives: Security


What is a software quality?

If any of you have heard me speak in a training session or conference you’ll know I am fond of quoting Philip Crosby: “Quality is free!”. Crosby was talking from a background ...

Getting Application Security Vulnerabilities Fixed

It’s a lot harder to fix application security vulnerabilities than it should be. In their May 2013 security report, WhiteHat Security published some discouraging findings about how ...

Safely Create and Store Passwords

Nearly every time when it comes to user profiles it is necessary to manage user credentials and thus be able to create and store user passwords. It should be common practice to use ...

A practical solution to the BREACH vulnerability

Two weeks ago CERT released an advisory for a new vulnerability called BREACH. In the advisory they say there is no practical solution to this vulnerability. I believe that I’ve ...

Securing HTTP-based APIs With Signatures

I work at EMC on a platform on top of which SaaS solutions can be built. This platform has a RESTful HTTP-based API, just like a growing number of other applications. With development ...

What is Important in Secure Software Design?

There are many basic architectural and design mistakes that can compromise the security of a system: Missing something important in security features like access control or auditing, ...

Java Security Tutorial – Step by Step guide to create SSL connection and certificates

In our series of articles on applying JEE security we present you another detailed tutorial on how to create an SSL connection and create certificates in a Java EE application. As mentioned ...

Choosing between a Pen Test and a Secure Code Review

Secure Code Reviews (bringing someone in from outside of the team to review/audit the code for security vulnerabilities) and application Pen Tests (again, bringing a security specialist ...

Browser-based Key Generation and interaction with the Browser’s Key/Certificate Store

Imagine the following scenario: You need to get a key (in the asymmetric case the user’s public key) from a user visiting your website and want the browser to remember the private ...

Understanding Transport Layer Security / Secure Socket Layer

Transport Layer Security (TLS) 1.0 / Secure Sockets Layer (SSL) 3.0 is the mechanism to provide private, secured and reliable communication over the internet. It is the most widely ...
Java Code Geeks and all content copyright © 2010-2014, Exelixis Media Ltd | Terms of Use