Security
-
Software Development
Cryptography & Theory 2: What is Pseudorandom
As was concluded in the first part of this series, security without randomness is impossible. Deterministic ciphers are unable to…
-
Core Java
AES-256 Encryption with Java and JCEKS
Overview: Security has become a great topic of discussion in the last few years due to the recent release of…
-
Enterprise Java
Invoking APIs using a Web App with OAuth2 and use of JWT – WSO2 API Manager
In this post I am going to share my experience and understanding of using WSO2 API Manager (API-M) for a very common and…
-
Software Development
Detecting and Fixing XSS using OWASP tools
Much has been written about XSS vulnerability scanning. In this article we will try to go a little further and…
-
Software Development
How much can Testers help in Appsec?
It’s not clear how much of a role QA – which in most organizations means black box testers who do…
-
Enterprise Java
How to configure an SSL Certificate with Play Framework for https
I spent hours trying to get this to work, and in the end, the problem was that I did not…
-
Agile
Appsec’s Agile Problem
Agile development has a serious Appsec problem. Most Agile development teams suck at building secure software. But one of the…
-
Software Development
This is Stuff: Cryptography & Theory 1: Meaning of Secure
Cryptography & Theory is a series of blog posts on things I learned in the Coursera Stanford online crypto class. The class contained…
-
Enterprise Java
Spring Security – Behind the scenes
Security tasks such as authentication of user and authorization of a user to view application resources are usually handled by…