Security Resources

In this article, we are going to go over how to create a caching mechanism for Spring and OAuth2 using Redis as our database for cache storage.

March 6, 2018

by Adam Zaręba

· 37,294 Views · 9 Likes

Top Software Glitches and Growing Significance of Software Testing

Take a look at some of the top software glitches from 2018 and 2017 and see what lessons can be learned about software testing.

March 5, 2018

by Hiren Tanna

· 4,347 Views · 3 Likes

Store Your User Data Securely (Not in Local Storage)

Let's take a look at the localStorage API as well as some Java-friendly options to consider when wanting to store your users' data securely.

Updated February 28, 2018

by Matt Raible

· 13,568 Views · 2 Likes

Spring Boot 2 Applications and OAuth 2 - Legacy Approach

In today's post, we explore a legacy Spring Boot 2/Spring Security 5 approach to enabling an OAuth2-based authentication mechanism for an application.

February 27, 2018

by Biju Kunjummen

· 25,314 Views · 4 Likes

SOLID, GRASP, and Other Basic Principles of Object-Oriented Design

Learn principles of Object Oriented Design, and get a firm hold on the ideas behind the SOLID and GRASP languages in this article.

Updated February 26, 2018

by Muhammad Umair

· 187,784 Views · 96 Likes

Enforce SSL and Use HSTS in .NET Core 2.0: .NET Core Security Part I

We begin this series on .NET Core security practices by looking at concepts such as SSL, HTTPS, and HSTS. Let's get started!

February 26, 2018

by Neel Bhatt

· 15,632 Views · 5 Likes

Creating a Chat Application Using React and ASP.NET Core - Part 3

We continue our in-depth look at using React.js and ASP.NET Core to create a chat app by looking at websockets and SignalR.

Updated February 26, 2018

by Juergen Gutsch

· 16,611 Views · 3 Likes

Content Security Policy (CSP) Explained

We explore the concepts behind Content Security Policy, such as hashes and nonces, and how to implement CSP in your application or site.

February 26, 2018

by Sven Morgenroth

· 25,261 Views · 4 Likes

DevSecOps Is a Key to Cost Reduction

DevSecOps is not only a way to integrate security earlier into the SDLC; it's also a way to cut costs. This article debunks the common complaints about adding DevSecOps.

February 24, 2018

by Dan Goldberg

· 8,095 Views · 2 Likes

Microservices Authentication and Authorization Using API Gateway

In this article, we'll learn how to add authorization and authentication security protocols to microservices by using an API Gateway.

Updated February 23, 2018

by Akash Bhingole

· 81,891 Views · 22 Likes

Stateless Authentication With JSON Web Tokens

Learn how to protect your microservice, API, or web app using JSON Web Tokens to create a stateless authentication protocol.

February 22, 2018

by Yos Riady

· 48,238 Views · 15 Likes

Spring DI Patterns: The Good, The Bad, and The Ugly

Let's explore the three ways Spring lets you declare dependencies using annotations: field injection, setter injection, and constructor injection.

February 21, 2018

by Roger Guldbrandsen

· 99,273 Views · 38 Likes

An OAuth2 Grant Selection Decision Tree for Securing REST APIs

In this article, I will explain the four types of grants and guidelines for selecting each grant based on a simple decision tree.

February 20, 2018

by Imesh Gunaratne

· 11,503 Views · 18 Likes

Spring Boot 2 Applications and OAuth 2: Setting Up an Authorization Server

A Java-based developer walks us through the process of setting up a working Authorization Server with a sample client and a sample user available.

Updated February 16, 2018

by Biju Kunjummen

· 39,192 Views · 31 Likes

Diameter Server Load Testing — A Guide

Learn how to use JMeter to load test Diameter, a AAA protocol similar to Radius, and understand why the two go hand in hand.

Updated February 9, 2018

by Konsantine Firsanov

· 10,521 Views · 3 Likes

Android WebView: Secure Coding Practices

A developer reviews some secure coding good practices for Android and web developers to keep in mind when developing for mobile platforms.

February 8, 2018

by Erez Yalon

· 28,067 Views · 5 Likes

Secure Your Vert.x Server With Single Sign-On From Okta

Let's take a dip into the Spring ecosystem while learning how to secure a Vert.x server and adding the convenience of SSO.

February 7, 2018

by Silas Brazil

· 6,505 Views · 8 Likes

Adding Auth to a Jaeger Collector

In this quick tutorial, you will learn how to add an authentication proxy to your Jaeger collector using Keycloak. Read on to get started!~

February 5, 2018

by Juraci Paixao Kroehling

· 8,958 Views · 5 Likes

CDI (Part 2): Qualifiers in Java: Polymorphism in DI

The second part of this CDI series considers CDI qualifiers. We'll see how they can help you with both dependency injection and polymorphism.

February 3, 2018

by Alexandre Gama

· 24,882 Views · 12 Likes

The Server Side Request Forgery Vulnerability and How to Prevent It

Learn how to protect your web application from SSRF vulnerabilities by learning what exactly they are and how bad actors can use them to target your system.

February 2, 2018

by Sven Morgenroth

· 50,952 Views · 1 Like

The Latest Security Topics