Security Resources

Multi-Project Builds With Gradle and Fat JARs With Shadow

With Gradle and the Shadow JAR plugin, devs can break their work into dependencies, then build a fat JAR to handle transitive dependencies.

May 17, 2017

by Bill O'Neil

· 32,956 Views · 5 Likes

What Is Email Header Injection?

We've all heard of emails being vectors for attacks, but what exactly is email header injection, how can it be mitigated? We take a look at these questions in this post.

May 12, 2017

by Ian Muscat

· 18,694 Views · 9 Likes

Adding a Custom Dependency Injection Container in ASP.NET Core

If you're an ASP.NET Core dev, but are tired of having to use ASP.NET Core's dependency injection container, read on to learn how to replace the existing DI container.

May 10, 2017

by Juergen Gutsch

· 16,433 Views · 2 Likes

Secure Sensitive Data With Mule Credentials Vault

In this post, we'll go over securing sensitive data using the Mule Credentials Vault, from setup to actually using it to protect your data.

Updated May 10, 2017

by Jitendra Bafna

CORE

· 18,863 Views · 8 Likes

How to Handle the CSRF Token in JMeter

When we do load testing using JMeter without handling the CSRF token, you get a certain error. Learn how to handle the CSRF token in JMeter.

May 9, 2017

by manoj mathpal

· 35,107 Views · 15 Likes

OAuth 2.0 Beginner's Guide

In this post, we go over the basics of using OAuth 2.0, and show you step-by-step how to go about getting an OAuth access token.

Updated May 9, 2017

by Suraj Kumar

· 67,879 Views · 83 Likes

Intercepting Messages on TCP/IP in Mule

This tutorial will walk you through the steps of setting Mule to transform and intercept messages in real time with Anypoint Studio.

May 6, 2017

by Sumit Bansal

· 6,932 Views · 1 Like

TLS/SSL Explained: Examples of a TLS Vulnerability and Attack, Final Part

In the final part of our series, we look at some of the worst attacks than can be carried out against an insecure SSL/TLS network, and how to stop them.

May 5, 2017

by Agathoklis Prodromou

· 16,695 Views · 15 Likes

How to Load Test TCP Protocol Services With JMeter

Learn how to test a simple TCP server that works in the echo mode (in other words, the server responds with the same data that has been sent to it).

May 1, 2017

by Konsantine Firsanov

· 40,192 Views · 6 Likes

What Are Injection Attacks?

In the world of security, it's important to know what you're up against. In this post, we've provided a list of the most common and dangerous web attacks.

April 26, 2017

by Ian Muscat

· 34,444 Views · 4 Likes

10 Tips for Integrating Security Into DevOps

Gene Kim, the DevOps guru, gives his take on current DevSecOps processes, and how dev teams can improve upon them in the future.

April 24, 2017

by Gene Kim

· 7,458 Views · 1 Like

Understanding OpenShift Security Context Constraints

In this article, we take a look at Security Context Constraints (SCCs), give some examples, and show how to work with them in a container.

April 20, 2017

by Alessandro Arrichiello

· 8,400 Views · 3 Likes

Secure TLS Communication With MQTT, mbedTLS, and lwIP (Part 1)

Now that we've learned about the individual components, let's dive into encrypting our IoT communications with TLS, MQTT, and lwIP.

April 19, 2017

by Erich Styger

· 16,327 Views · 2 Likes

Secure Communication With TLS and the Mosquitto Broker

Mosquitto is a popular communications broker for IoT apps. That makes them important to secure, which we'll do with the Transport Security Layer.

April 18, 2017

by Erich Styger

· 37,429 Views · 3 Likes

5 Consequences That Result From Not Meeting Data Security Requirements

All security professionals know the technical consequences of data breaches. But what are some of the business considerations at play?

April 16, 2017

by Carol Jon

· 15,635 Views

Easy Golang Dependency Management

Go dependency management isn't always straightforward, but this tutorial aims to show you how to keep things simple with dep.

April 13, 2017

by Tomer Ben David

· 28,662 Views · 15 Likes

How to Load Test OCSP With JMeter

OCSP (Online Certificate Status Protocol) is a revokable application-level protocol. It can be easily load tested by using JMeter in just ten quick steps.

April 11, 2017

by Konsantine Firsanov

· 5,731 Views

Making Spring Web Services With Scala

Together, Spring and Scala can create simple, scalable, secure, robust web services that should be at home in the JVM ecosystem.

April 8, 2017

by Praneeth Ramesh

· 53,321 Views · 13 Likes

Spring Boot and web3j: Easy Microservices for Ethereum Blockchain

web3j seamlessly integrates with Spring Frameworks. Simply create a new Spring Boot app, add the starter to your configuration, and create a service with web3j.

April 6, 2017

by Conor Svensson

· 11,792 Views · 8 Likes

Brute Forcing HS256 Is Possible: The Importance of Using Strong Keys in Signing JWTs

In this article, we go over what exactly a JSON Web Token is, how they can be cracked using brute force, and the best way to avoid this security issue.

April 6, 2017

by Prosper Otemuyiwa

· 12,983 Views · 1 Like

The Latest Security Topics