Security Resources

In this article, we take a look at one of the most popular frameworks for implementing authentication and authorization protocols.

Updated January 17, 2018

by Gitanjali Sahoo

· 15,345 Views · 18 Likes

If You're Going to Fail, Fail Safely

These insights into failure will help you think about planning for failure in your software to mitigate risk, and how to recover.

January 17, 2018

by Heidi Waterhouse

· 5,981 Views · 3 Likes

Bootstrapping Microservices - Getting Your Microservice Architecture Ready

Check out this open source project to get a start on your microservices architecture, learn about the tools you need to connect your microservices, and more.

January 17, 2018

by Alexsandro Souza

· 21,272 Views · 41 Likes

An Introduction to Hollow JARs

With JAR files, you've got your fat JARs, thin JARs, and skinny JARs, but here's an overview of Hollow JARs and how they sit between an app server and an Uber JAR.

January 16, 2018

by Paul Stovell

· 13,919 Views · 3 Likes

What to Automate and What Not to Automate

Automation makes development much easier and saves time, but let's talk about when it's smart to automate processes, and when it's not.

January 15, 2018

by Ron Gidron

· 13,775 Views · 3 Likes

What Are the Meltdown and Spectre Bugs?

In this post, we give a quick overview of the new kids on the cybersecurity exploit block, and how they can compromise your data security.

January 11, 2018

by Giridhara Raam

· 4,722 Views · 5 Likes

Secret Rotation for JWT Tokens

Using some form of secret rotation when using web tokens to encrypt payloads is important to any security strategy. Read on for an example of how to implement this.

January 10, 2018

by Alex Soto

· 29,765 Views · 8 Likes

TEE in Android Development

This overview of TEE, or Trusted Execution Environments, will show you how they are used to secure sensitive information on Android devices.

January 10, 2018

by Varun Malhotra

· 17,246 Views · 5 Likes

Local File Inclusion Vulnerability

In this post, we take a quick look at this nasty sort of vulnerability, and what you can do to keep your web apps and users safe.

January 9, 2018

by Robert Abela

· 12,934 Views · 2 Likes

What Is an Open Redirection Vulnerability and How to Prevent it?

This type of vulnerability can lead to phishing attacks and all kinds of nasty not niceness. Read on to see how to prevent it.

January 8, 2018

by Sven Morgenroth

· 91,635 Views · 2 Likes

Why Enabling SHA256 Support for XML Signatures Breaks JWT Signing

A developer describes a bug he ran into while trying to add authentication protocols to an application. Read on to see how he got around it!

January 8, 2018

by Anders Abel

· 6,290 Views · 1 Like

7 Things to Know for Getting Started With Spring Boot

Just getting into Spring Boot? Then check out this post for a helping hand in understanding Spring Boot's architecture and functionality.

January 6, 2018

by Ranga Karanam

CORE

· 237,783 Views · 70 Likes

Single-Responsibility Principle Done Right

When adhering to the SOLID programming principles, Single Responsibility can be a bit tricky. Find out why and how to better understand this oft-misunderstood concept.

January 3, 2018

by Riccardo Cardin

· 28,901 Views · 40 Likes

Fun With Mendelson: Automating Your AS2 Workflows

See how you can integrate Mendelson AS2, one of the more the widely used AS2 clients, into your testing cycles and automate it to perform AS2 operations.

January 2, 2018

by Janaka Bandara

· 9,019 Views · 4 Likes

18 Non-Corny Teamwork Quotes You'll Actually Like [Graphics]

Together Everyone Achieves More and its aged ilk are probably plastered somewhere on your company's wall. Try this refresh for the new year.

December 30, 2017

by Natalie Mendes

· 22,923 Views · 3 Likes

OAuth Dances With Mule External Provider

Learn about the OAuth 2 framework and the grant types it uses to interact with Mule by creating and testing an API that uses Mule External Provider.

December 30, 2017

by NAGG Kshatriya

· 11,250 Views · 2 Likes

OWASP Dependency-Check Maven Plugin: A Must-Have

Though it's tough, this developer admits he hadn't heard of this plugin until recently. If you're in the same boat, read to get an overview of this great security tool.

December 30, 2017

by Bozhidar Bozhanov

· 18,449 Views · 5 Likes

About Dependency Injection

Still wrapping your head around DI? Let's explore the philosophy and functionality behind it, then see how Guice, or any other such framework, can help.

December 29, 2017

by Ioan Tinca

· 26,300 Views · 16 Likes

Securing Your Inline SQL Statements From SQL Injection

Shifting security left, and using secure coding standards, is becoming more and more important. Read on to get a great introduction to this topic!

December 29, 2017

by Jennifer Marsh

· 9,283 Views · 3 Likes

OTP (One Time Password) Using Spring Boot and Guava

Read on to learn how to add One Time Password authentication to your web application using Spring Boot and Google's Guava library.

December 28, 2017

by Shrisowdhaman Selvaraj

· 124,484 Views · 23 Likes

The Latest Security Topics