Essential Guide

Get started Bring yourself up to speed with our introductory content.

Neutralizing threats and creating a secure Java software stack


At a time when well-publicized security breaches have created corporate -- and public relations -- havoc, the need to create more secure software right from the beginning has never felt so urgent. But unlike other parts of development, security can be elusive, and threats can hide seemingly in plain sight. It's vital for every software development team to take a close look at the security process, starting with the very basics.

Hidden threats can emerge from a number of different areas of the software development cycle. In order to ensure organizations are working with the most secure Java software stack possible, diligence about security concerns must come from all angles, from the fundamental APIs associated with the Java Platform, Standard Edition environment to the methodologies used by Agile and DevOps teams. Without due diligence in all aspects of the software development lifecycle, applications are no longer being deployed to a secure Java stack but instead to a system with innumerable security flaws.

In this essential guide, we will look at how to create a secure Java software stack from a variety of different angles, including fundamental APIs, the methodologies used to create applications and even new technologies, like blockchain, which organizations are using as they embark upon their digital transformation.

1Program low-level secure Java-

Start with the basics to improve security

The most fundamental part of creating a secure Java application is ensuring that the APIs provided by the environment are comprehensive and that the applications that are written using these APIs, from custom user registries to password authentication systems, are as free from flaws as possible.


Java EE made easier with JSR-375

Java EE security has always been a mixed bag in terms of simplicity and standardization, but the new Java EE Security API, JSR-375, plans to change all of that. Continue Reading

Blog Post

How to consolidate LDAP server and active directories?

Should you implement a custom user registry to help mitigate access to your various LDAP servers in order to simplify security tasks such as authentication and group association? The answer to that ... Continue Reading


Get rid of those plain text passwords

Here are some strategies to remove plain text passwords from configuration files and your code base. It's one way a secure Java app can deter a malicious attack. Continue Reading

2Secure Java methodologies-

Safer DevOps and cloud-native development

Sometimes, software is only as secure as the methodologies used to create it. Here we look at how some of the latest DevOps-based methodologies and cloud-native approaches to Java development. These new approaches can have both a negative and positive impact when it comes to creating and deploying secure Java applications.


DevSecOps can help find hidden threats

Find out what experts had to say about using DevOps security principles to weave threat resistance into the fabric of the development process. Continue Reading

Blog Post

Want cloud-native security? Start at the beginning

There's really nothing new under the sun when it comes to addressing security vulnerabilities in code. While there has been a great shift in terms of how server side application are architected, ... Continue Reading


Why containers and microservices create their own security challenges

As microservices-based applications are deployed to a sea of Docker containers, mitigating against cloud-native security issues is becoming a struggle. Continue Reading

3Secure Java technology-

How to find the surprising threats in Java

Sometimes, there are certain pieces of technology, such as the CPU, that perform off a computer's essential logic, where you wouldn't expect to be exposed to a security flaw. But that is the thing about creating a secure Java application stack: You can't take anything for granted. Here we look at the ways fundamental technologies, such as computer hardware or blockchain distribution, can create exposure for your otherwise secure Java applications.

Blog Post

Why you need to look more closely at Intel's Management Engine

The Management Engine, embedded on certain Intel chips, is a hidden threat to the security of personal and corporate computers. People need to take this hidden threat seriously. Continue Reading


Thinking about digital transformation? You'll need blockchain security

Whether it is a secure cloud, a secure mobile device or a secure IOT interaction, organizations are making blockchain security a central part of their digital transformations. Continue Reading


Why your software stack is not as secure as you think

All it takes is a fork from the main branch and a re-branding of the code, and the next thing you know, there's a hidden threat in your software. Here's how to protect against it. Continue Reading

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.