Security
-
Core Java
Securing HTTP-based APIs With Signatures
I work at EMC on a platform on top of which SaaS solutions can be built. This platform has a…
Read More » -
Software Development
What is Important in Secure Software Design?
There are many basic architectural and design mistakes that can compromise the security of a system: Missing something important in…
Read More » -
Core Java
Java Security Tutorial – Step by Step guide to create SSL connection and certificates
In our series of articles on applying JEE security we present you another detailed tutorial on how to create a…
Read More » -
Software Development
Choosing between a Pen Test and a Secure Code Review
Secure Code Reviews (bringing someone in from outside of the team to review/audit the code for security vulnerabilities) and application…
Read More » -
Enterprise Java
Browser-based Key Generation and interaction with the Browser’s Key/Certificate Store
Imagine the following scenario: You need to get a key (in the asymmetric case the user’s public key) from a…
Read More » -
Software Development
Understanding Transport Layer Security / Secure Socket Layer
Transport Layer Security (TLS) 1.0 / Secure Sockets Layer (SSL) 3.0, is the mechanism to provide private, secured and reliable…
Read More » -
Core Java
Java 7 Update 21 Security Improvements in Detail
Oracle released three updates to Java yesterday. It is important to note that they contain several security related changes. The…
Read More » -
Software Development
Penetration Testing Shouldn’t be a Waste of Time
In a recent post on āDebunking Myths: Penetration Testing is a Waste of Timeā, Rohit Sethi looks at some of…
Read More » -
Core Java
Weaknesses in Java Pseudo Random Number Generators (PRNGs)
This will be a sum up of a Paper written by Kai Michaelis, Jƶrg Schwenk and me, which wasĀ presented…
Read More »
