Security
-
Agile
Getting Application Security Vulnerabilities Fixed
It’s a lot harder to fix application security vulnerabilities than it should be. In their May 2013 security report, WhiteHat…
-
Core Java
Safely Create and Store Passwords
Nearly every time when it comes to user profiles it is necessary to manage user credentials and thus be able…
-
Scala
A practical solution to the BREACH vulnerability
Two weeks ago CERT released an advisory for a new vulnerability called BREACH. In the advisory they say there is…
-
Core Java
Securing HTTP-based APIs With Signatures
I work at EMC on a platform on top of which SaaS solutions can be built. This platform has a…
-
Software Development
What is Important in Secure Software Design?
There are many basic architectural and design mistakes that can compromise the security of a system: Missing something important in…
-
Core Java
Java Security Tutorial – Step by Step guide to create SSL connection and certificates
In our series of articles on applying JEE security we present you another detailed tutorial on how to create a…
-
Software Development
Choosing between a Pen Test and a Secure Code Review
Secure Code Reviews (bringing someone in from outside of the team to review/audit the code for security vulnerabilities) and application…
-
Enterprise Java
Browser-based Key Generation and interaction with the Browser’s Key/Certificate Store
Imagine the following scenario: You need to get a key (in the asymmetric case the user’s public key) from a…
-
Software Development
Understanding Transport Layer Security / Secure Socket Layer
Transport Layer Security (TLS) 1.0 / Secure Sockets Layer (SSL) 3.0, is the mechanism to provide private, secured and reliable…