Security

Developers these days are expected to write code faster, ship it faster, and keep it secure. But those expectations inevitably lead to small mistakes or misconfigurations - and developers already spend an inordinate amount of time checking code. In a worst-case scenario, it sometimes happens that passwords or API keys are left in the code. The resulting security breaches not only expose confidential data, they...

New data reveals that fixing bugs and errors in code is the top developer pain point. According to the 2021 Report | The State of Software Code commissioned by Rollbar, manually fixing code is negatively impacting developers' productivity and morale. At a time when there are not enough developers to meet demand, it appears that more automation is needed to relieve some of the drudgery. 38%...

Security is one of the most important parts of application development. The Java language makes it easy to develop secure applications by providing many options and features that make applications secure. Because it is a big topic, this article shall a touch upon a few key aspects of the security features and APIs available in the Java platform. Overview The Java platform, from the ground up,...

By Anas Baig. Hundreds of thousands of mobile applications are downloaded by users on the Internet every day. Likewise, thousands of applications hit the app stores on a daily basis. The extreme use of mobile applications shows how deeply we are engaged in our "connected" life than ever before. Not only mobile devices have invaded our households, but these devices are raiding the corporate sector with...

It has become well established that maintaining the security of information systems hinges on more than just placing a firewall in front of a system and calling it a day. Security needs to be approached holistically, and that includes applications being developed with security in mind. The analyst firm Gartner has been attributed with saying that over 70% of security vulnerabilities exist at the...

By Robert Reeves, CTO and co-founder, Datical Introduction For the past 30+ years, the database administrator has been the last (and only) line of defense to prevent security violations in SQL scripts. And, that has been very successful…until application development speed and release frequency started increasing. Now that applications are releasing daily (hourly?), the validation and execution of database changes need to be automated. That involves...

Programming in reflection is sometimes like playing with the privacy of Java internals and getting into the diversion of exploiting secure Java code. We do not get into the details of whether to keep the loopholes for exploitation alive (not likely) or an intentional convulsion of security breaches (nope, rather, an open kitchen, where you can extend your ideas to work) within JVM. The...

Introduction Once the APIs are designed and defined, they need to be published so that the users can consume the APIs to develop different applications. When publishing, the most important aspect is the security. How are the consumers of the APIs going to connect and use the exposed functionality? If the APIs are publicly exposed, there is no explicit security required to connect; but, for...

Mobile computing devices and their various accessories can be seen as some of the most successful computing devices of all time, with the adoption of smart phones and tablets seeing wide-scale uptake. A recent Business Insider article reports that there are currently 1.5 billion smart phones in the world, with 1 in every 5 people owning a smart phone (http://www.businessinsider.com/15-billion-smartphones-in-the-world-22013-2), and those numbers are...

Do you know what your employees are doing with customer data? Do you how they are getting customer data, or where that data is? In an age of data breaches and identity theft, are you doing everything you can to avoid contributing to the problem? More importantly, do you have policies and education in place to make sure your employees are doing everything as...