Security Resources

Implementing a Custom OAuth Policy in Mule

This article is an attempt to resolve the drawbacks of Mule's existing default OAuth policy and to add some more value-added features in the existing system.

March 23, 2018

by Anirban Sen Chowdhary

· 11,212 Views · 2 Likes

What Security Techniques and Tools Are Most Effective?

Security experts and IT executives told us that continuous threat management tools with real-time visibility and response are the most effective.

March 21, 2018

by Tom Smith

CORE

· 17,274 Views · 3 Likes

Docker Environment Variables: How to Set and Configure Server Applications

Whether you are new to Docker or have some experience, this extensive list of 50 Docker variables should introduce you to something new.

March 19, 2018

by Angela Stringfellow

· 59,511 Views · 2 Likes

CRLF Injection and HTTP Response Splitting Vulnerability

In this post, we discusses how HTTP Response Splitting vulnerabilities can be exploited via CRLF injection attacks, and how to prevent this in your web app.

March 15, 2018

by Sven Morgenroth

· 31,846 Views · 3 Likes

Generating Laplace Distributed Random Values

Although it's simple to generate Laplacian random values, the Laplace distribution is not always one of the built-in options for random number generation libraries.

March 14, 2018

by John Cook

· 5,251 Views · 3 Likes

Secure .NET Core Applications From ClickJacking: .NET Core Security Part III

We continue our look at .NET Core security by examining ClickJacking and how to prevent this type of cyberattack in your web app.

March 13, 2018

by Neel Bhatt

· 16,288 Views · 3 Likes

5 Important Software Vulnerabilities

We take a look at five dangerous vulnerabilities and how cyber attackers look to exploit these errors in a codebase to wreak havoc.

March 8, 2018

by Somesh Mohanty

· 49,563 Views · 2 Likes

Cache OAuth 2 in Spring With Redis

In this article, we are going to go over how to create a caching mechanism for Spring and OAuth2 using Redis as our database for cache storage.

March 6, 2018

by Adam Zaręba

· 37,039 Views · 9 Likes

Top Software Glitches and Growing Significance of Software Testing

Take a look at some of the top software glitches from 2018 and 2017 and see what lessons can be learned about software testing.

March 5, 2018

by Hiren Tanna

· 4,270 Views · 3 Likes

Store Your User Data Securely (Not in Local Storage)

Let's take a look at the localStorage API as well as some Java-friendly options to consider when wanting to store your users' data securely.

Updated February 28, 2018

by Matt Raible

· 13,465 Views · 2 Likes

Spring Boot 2 Applications and OAuth 2 - Legacy Approach

In today's post, we explore a legacy Spring Boot 2/Spring Security 5 approach to enabling an OAuth2-based authentication mechanism for an application.

February 27, 2018

by Biju Kunjummen

· 25,231 Views · 4 Likes

SOLID, GRASP, and Other Basic Principles of Object-Oriented Design

Learn principles of Object Oriented Design, and get a firm hold on the ideas behind the SOLID and GRASP languages in this article.

Updated February 26, 2018

by Muhammad Umair

· 187,089 Views · 96 Likes

Enforce SSL and Use HSTS in .NET Core 2.0: .NET Core Security Part I

We begin this series on .NET Core security practices by looking at concepts such as SSL, HTTPS, and HSTS. Let's get started!

February 26, 2018

by Neel Bhatt

· 15,540 Views · 5 Likes

Creating a Chat Application Using React and ASP.NET Core - Part 3

We continue our in-depth look at using React.js and ASP.NET Core to create a chat app by looking at websockets and SignalR.

Updated February 26, 2018

by Juergen Gutsch

· 16,347 Views · 3 Likes

Content Security Policy (CSP) Explained

We explore the concepts behind Content Security Policy, such as hashes and nonces, and how to implement CSP in your application or site.

February 26, 2018

by Sven Morgenroth

· 25,138 Views · 4 Likes

DevSecOps Is a Key to Cost Reduction

DevSecOps is not only a way to integrate security earlier into the SDLC; it's also a way to cut costs. This article debunks the common complaints about adding DevSecOps.

February 24, 2018

by Dan Goldberg

· 8,018 Views · 2 Likes