Total 19 Posts

Security

Securing your APIs using Okta and a JHipster gateway

A step by step guide on setting up a JHipster application with Okta that provides first class support for system users.…

Jun 18, 2020 10 min read

Keycloak High Availability in Cloud environment (AWS) - PART 2/4

In the previous first part, we have described the main cloud architecture, according to the…

Jun 08, 2020 12 min read

Sébastien Mazade

Keycloak High Availability in Cloud environment (AWS) - PART 1/4

For those who do not already know the Keycloak product, it is the main IAM…

May 20, 2020 9 min read

Sébastien Mazade

Integrating Civic into a Static Serverless Website (part 2 of 2)

This is the second part of this tutorial (first part here). By now your static…

Mar 28, 2019 11 min read

Tyler John Haden

Integrating Civic into a Static Serverless Website Part 1 of 2

This article describes an application that takes advantage of AWS serverless services to provide a…

Mar 25, 2019 10 min read

Tyler John Haden

Service Oriented Network Security - AWS Security Group Design

Amazon Web Services is capable of providing the infrastructure to run all of your applications…

Aug 23, 2016 9 min read

JHipster: Streamlining the Hackathon Experience

For most 24 hour Hackathons, the work starts a week or two prior to the…

Jan 13, 2016 3 min read

Security White Paper: OWASP - Building Secure Web Applications

Nowadays, software application security absolutely cannot be ignored and every IT professional must take this…

Jul 17, 2014 1 min read

Victoria De Belilovsky

OWASP Top 10 - A10 Unvalidated Redirects and Forwards

Description If a user is redirected or forwarded to a page defined by an unverified…

Jan 29, 2014 2 min read

OWASP Top 10 - A9 Using Components with Known Vulnerabilities

Description Known software vulnerabilities are available to everyone on the Internet. If an attacker knows…

Jan 28, 2014 3 min read

OWASP Top 10 - A8 Cross-Site Request Forgery (CSRF)

Description An attacker sends a request to a website you are authenticated on to execute…

Jan 14, 2014 4 min read

OWASP Top 10 - A7 Missing Function Level Access Control

Description In a web application with different user roles, authentication is not enough. Each request…

Dec 09, 2013 3 min read

OWASP Top 10 - A6 Sensitive Data Exposure

Description We have seen in the previous articles that an experienced attacker can easily intercept…

Nov 18, 2013 4 min read

OWASP Top 10 - A5 Security Misconfiguration

Description Nowadays, besides the operating system and the JRE, most of the Java applications are…

Nov 14, 2013 7 min read

OWASP Top 10 - A4 Insecure Direct Object References

Description The application exposes a direct reference (functional identifier, database key, file path…) to a…

Nov 04, 2013 2 min read