Security Resources

Android WebView: Secure Coding Practices

A developer reviews some secure coding good practices for Android and web developers to keep in mind when developing for mobile platforms.

February 8, 2018

by Erez Yalon

· 29,155 Views · 5 Likes

Secure Your Vert.x Server With Single Sign-On From Okta

Let's take a dip into the Spring ecosystem while learning how to secure a Vert.x server and adding the convenience of SSO.

February 7, 2018

by Silas Brazil

· 6,777 Views · 8 Likes

Adding Auth to a Jaeger Collector

In this quick tutorial, you will learn how to add an authentication proxy to your Jaeger collector using Keycloak. Read on to get started!~

February 5, 2018

by Juraci Paixao Kroehling

· 9,589 Views · 5 Likes

CDI (Part 2): Qualifiers in Java: Polymorphism in DI

The second part of this CDI series considers CDI qualifiers. We'll see how they can help you with both dependency injection and polymorphism.

February 3, 2018

by Alexandre Gama

· 25,507 Views · 12 Likes

The Server Side Request Forgery Vulnerability and How to Prevent It

Learn how to protect your web application from SSRF vulnerabilities by learning what exactly they are and how bad actors can use them to target your system.

February 2, 2018

by Sven Morgenroth

· 52,144 Views · 1 Like

Build Authentication the Easy Way with Spring Security 5.0 and OIDC

Spring Security 5.0 offers a host of new tools for your authentication needs. Let's see how to use it and OIDC together to secure your Spring-based apps.

February 2, 2018

by Matt Raible

· 45,873 Views · 14 Likes

Parallelizing Tasks with Dependencies — Design Your Code to Optimize Performance

Learn how to run several asynchronous tasks concurrent with each other while respecting the dependencies surrounding each task.

January 30, 2018

by Riccardo Terrell

· 10,125 Views · 3 Likes

SQL Injection Vulnerabilities and How to Prevent Them

SQLi is one of the most common and severe vulnerabilities. Learn what you as a developer can do to prevent SQL injection attacks on your application.

January 29, 2018

by Sven Morgenroth

· 96,796 Views · 3 Likes

Microservices With Spring Boot, Part 1 — Getting Started

In the first installment of this series, we'll learn about the concept of microservices and look at how to create a microservice with Spring Boot and Spring Cloud.

January 23, 2018

by Ranga Karanam

· 86,934 Views · 53 Likes

User Personas and Pipeline Facades for Effective Release Decisions

This article discusses using user personas with CI/CD pipelines to learn which data your business needs, and the importance of how data is presented.

January 22, 2018

by Manuel Pais

· 12,916 Views · 3 Likes

Configuring Security Headers in Undertow

If you're interested in using security headers to help protect your websites, there are a number of approaches you can take. Let's explore some of the popular ones.

Updated January 21, 2018

by Bill O'Neil

· 8,939 Views · 4 Likes

OAuth 2.0 in a Nutshell

In this article, we take a look at one of the most popular frameworks for implementing authentication and authorization protocols.

Updated January 17, 2018

by Gitanjali Sahoo

· 16,416 Views · 18 Likes

If You're Going to Fail, Fail Safely

These insights into failure will help you think about planning for failure in your software to mitigate risk, and how to recover.

January 17, 2018

by Heidi Waterhouse

· 6,271 Views · 3 Likes

Bootstrapping Microservices - Getting Your Microservice Architecture Ready

Check out this open source project to get a start on your microservices architecture, learn about the tools you need to connect your microservices, and more.

January 17, 2018

by Alexsandro Souza

· 22,111 Views · 41 Likes

An Introduction to Hollow JARs

With JAR files, you've got your fat JARs, thin JARs, and skinny JARs, but here's an overview of Hollow JARs and how they sit between an app server and an Uber JAR.

January 16, 2018

by Paul Stovell

· 14,470 Views · 3 Likes

What to Automate and What Not to Automate

Automation makes development much easier and saves time, but let's talk about when it's smart to automate processes, and when it's not.

January 15, 2018

by Ron Gidron

· 14,405 Views · 3 Likes

What Are the Meltdown and Spectre Bugs?

In this post, we give a quick overview of the new kids on the cybersecurity exploit block, and how they can compromise your data security.

January 11, 2018

by Giridhara Raam

· 5,020 Views · 5 Likes

Secret Rotation for JWT Tokens

Using some form of secret rotation when using web tokens to encrypt payloads is important to any security strategy. Read on for an example of how to implement this.

January 10, 2018

by Alex Soto

· 30,346 Views · 8 Likes

TEE in Android Development

This overview of TEE, or Trusted Execution Environments, will show you how they are used to secure sensitive information on Android devices.

January 10, 2018

by Varun Malhotra

· 17,928 Views · 5 Likes

Local File Inclusion Vulnerability

In this post, we take a quick look at this nasty sort of vulnerability, and what you can do to keep your web apps and users safe.

January 9, 2018

by Robert Abela

· 13,306 Views · 2 Likes

The Latest Security Topics