Security Resources

Testing Without Mocks: A Pattern Language

Learn about these patterns for writing code that can be tested without test doubles, DI frameworks, or end-to-end tests.

May 11, 2018

by James Shore

· 10,361 Views · 5 Likes

Service Discovery With Eureka and Zuul

Learn how to use Spring Boot with Zuul and Eureka to create a simple discovery service, routing .NET applications through a Zuul gateway.

May 10, 2018

by Jarett Lear

· 90,039 Views · 7 Likes

SOLID Principles: Dependency Inversion Principle

Here's a breezy walkthrough of the D in SOLID — dependency inversion. Read up on its core tenets and how to refactor code that breaks it.

May 4, 2018

by Emmanouil Gkatziouras

CORE

· 81,763 Views · 13 Likes

Elytron: A New Security Framework in WildFly/JBoss EAP

In this tutorial, we will create a self-signed certificate to understand how SSL/TLS works in Elytron. Read on to learn how to secure your JBoss EAP!

May 4, 2018

by Siddhartha De

· 7,994 Views · 3 Likes

Oracle WebLogic RCE Deserialization Vulnerability (CVE-2018-2628)

Oracle recently released its critical patch update (CPU) for the quarter. Read on to get a security experts view on the vulnerabilities included.

May 3, 2018

by Apostolos Giannakidis

CORE

· 13,864 Views · 2 Likes

Add Spring Security and Okta for a Secure Spring Microservices Architecture

This comprehensive guide will help you secure your microservices architectures using a combination of Spring Security and Okta.

May 2, 2018

by Matt Raible

· 10,118 Views · 2 Likes

CORS in .NET Core: .NET Core Security Part VI

A developer gives a tutorial on how to enable CORS in your .NET Core web application. Read on for some Rocky Mountain cold CORS app sec.

April 30, 2018

by Neel Bhatt

· 145,475 Views · 3 Likes

Providing users a easy and secure way to log in can do wonders for the security of your web service. Read on to see how to implement SSO.

April 25, 2018

by Sanjay Patel

· 47,291 Views · 10 Likes

Build Secure User Authentication in ASP.NET Core With OIDC and OAuth

Authentication is a core component of any high-quality web applications. In this post, we learn how to implement authentication in an ASP.NET Core app.

April 25, 2018

by Lee Brandt

· 29,793 Views · 2 Likes

Five Features of Information Security Every Cloud Platform Should Provide

A discussion of the five kinds of security and enterprise security management for cloud platforms that should be included in all cloud offerings.

April 24, 2018

by Doug Paris White

· 7,799 Views · 2 Likes

JWTs With Spring Boot and Java 9

Interested in using JWTs for your Java 9/Spring Boot projects? Learn how to set up your dependencies and the use cases for you to consider.

April 24, 2018

by Sergio Martin

· 34,465 Views · 24 Likes

Secure Tomcat Hosting: Restrict Access to Your Web Application

Locking down your web app is unavoidable. We take a look at how to restrict access to your Tomcat-based web app in this post.

April 23, 2018

by Tetiana Fydorenchyk

· 18,270 Views · 12 Likes

Stop Using JWTs as Session Tokens

Today I’m here to talk with you about the downsides of using JWTs. Specifically, why it’s a bad idea to use JWTs as session tokens for most people.

April 23, 2018

by Randall Degges

· 59,050 Views · 35 Likes

JDK 11 and Proxies in a World Past sun.misc.Unsafe

Java 11 is making changes to the Unsafe class. See what's being deprecated and how that's going to affect proxies for future projects.

April 22, 2018

by Rafael Winterhalter

· 35,788 Views · 21 Likes

Best SecOps Tools: 50 Must-Have Tools for Your SecOps Arsenal, Part 1

Looking for some great new tools to help you better understand where your software is vulnerable and to hunt out viruses? Read on for some great options.

April 21, 2018

by Christian Lappin

· 6,244 Views · 3 Likes