Security
-
Enterprise Java
Required Reading: Iron Clad Java
They didn’t teach appsec in Comp Sci or in engineering or MIS or however you learned how to program. And…
Read More » -
Software Development
If you got bugs, you’ll get pwned
The SEI recently published some fascinating research which shows a clear relationship between software quality and software security. The consensus…
Read More » -
Enterprise Java
Self-Signed Certificate for Apache TomEE (and Tomcat)
Probably in most of your Java EE projects you will have part or whole system with SSL support (https) so…
Read More » -
Software Development
Signing Digital Certificates with OpenSSL Library
While working on the pgopenssltypes extension I realized that I haven’t discussed how to sign digital certificates using the OpenSSL…
Read More » -
Software Development
Adding OpenSSL User-Defined Types to PostgreSQL
PostgreSQL supports user-defined types (UDT). These types can be used to provide type-safety on user-defined functions when we would otherwise…
Read More » -
Software Development
Database Threat Models
I finally have a breather and can start working through my backlog of ideas. I start with some background that…
Read More » -
Software Development
In Favour of Self-Signed Certificates
Today I watched the Google I/O presentation about HTTPS everywhere and read a couple of articles, saying that Google is…
Read More » -
Software Development
Revamping WSO2 API Manager Key Management Architecture around Open Standards
WSO2 API Manager is a complete solution for designing and publishing APIs, creating and managing a developer community, and for…
Read More » -
Software Development
Securing the Insecure
The 33 years old, Craig Spencer returned back to USA on 17th October from Africa after treating Ebola patients. Just…
Read More »
