Security
-
Core Java
Java 7 Update 21 Security Improvements in Detail
Oracle released three updates to Java yesterday. It is important to note that they contain several security related changes. The…
Read More » -
Software Development
Penetration Testing Shouldn’t be a Waste of Time
In a recent post on “Debunking Myths: Penetration Testing is a Waste of Time”, Rohit Sethi looks at some of…
Read More » -
Core Java
Weaknesses in Java Pseudo Random Number Generators (PRNGs)
This will be a sum up of a Paper written by Kai Michaelis, Jörg Schwenk and me, which was presented…
Read More » -
Software Development
Yes Small Companies Can – and Should – Build Secure Software
‘For large software companies or major corporations such as banks or health care firms with large custom software bases, investing…
Read More » -
Core Java
Cryptography Using JCA – Services In Providers
The Java Cryptography Architecture (JCA) is an extensible framework that enables you to use perform cryptographic operations. JCA also promotes…
Read More » -
Software Development
Peer reviews for security are a waste of time?
At this year’s RSA conference, one of the panel’s questioned whether software security is a waste of time. A panellist,…
Read More » -
Enterprise Java
Add RememberMe Authentication With Spring Security
I mentioned in my post Add Social Login to Jiwhiz Blog that the RememberMe function was not working with Spring…
Read More » -
Software Development
Your Password Is No Longer Secret, Part 1
Of course, the title is a trick. Your password is still secret, for now. To be sure that it will…
Read More » -
Software Development
Appsec at RSA 2013
This was my second time at the RSA conference on IT security. Like last year, I focused on the appsec…
Read More »