Eric Dalci and Ray Lai on SaaS security


Date: Sep 23, 2010

The majority of developers attending the JavaOne session, Ten Security Vulnerabilities for Software as a Service (SaaS), were unfamiliar with security threats, such as cross-site forgery. Also, some scoffed at the notion that password security is still a major issue. That was a surprise to presenters and software security experts Eric Dalci and Ray Lai. In this video, they explain the audience's reactions and why password security still causes major hassles in SaaS. Dalci is a senior security consultant for Cigital, a software security and quality consulting firm in Dulles, Va. Lai is a software architect for Mountain View, Calif., ISV Intuit.
