BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Java EE made easier with JSR-375
Java EE security has always been a mixed bag in terms of simplicity and standardization, but the new Java EE Security API, JSR-375, plans to change all of that. Read Now
At a time when well-publicized security breaches have created corporate -- and public relations -- havoc, the need to create more secure software right from the beginning has never felt so urgent. But unlike other parts of development, security can be elusive, and threats can hide seemingly in plain sight. It's vital for every software development team to take a close look at the security process, starting with the very basics.
Hidden threats can emerge from a number of different areas of the software development cycle. In order to ensure organizations are working with the most secure Java software stack possible, diligence about security concerns must come from all angles, from the fundamental APIs associated with the Java Platform, Standard Edition environment to the methodologies used by Agile and DevOps teams. Without due diligence in all aspects of the software development lifecycle, applications are no longer being deployed to a secure Java stack but instead to a system with innumerable security flaws.
In this essential guide, we will look at how to create a secure Java software stack from a variety of different angles, including fundamental APIs, the methodologies used to create applications and even new technologies, like blockchain, which organizations are using as they embark upon their digital transformation.
1Safer DevOps and cloud-native development
Sometimes, software is only as secure as the methodologies used to create it. Here we look at how some of the latest DevOps-based methodologies and cloud-native approaches to Java development. These new approaches can have both a negative and positive impact when it comes to creating and deploying secure Java applications.
DevSecOps can help find hidden threats
Find out what experts had to say about using DevOps security principles to weave threat resistance into the fabric of the development process. Read Now
Want cloud-native security? Start at the beginning
There's really nothing new under the sun when it comes to addressing security vulnerabilities in code. While there has been a great shift in terms of how server side application are architected, ... Read Now
Why containers and microservices create their own security challenges
As microservices-based applications are deployed to a sea of Docker containers, mitigating against cloud-native security issues is becoming a struggle. Read Now
2How to find the surprising threats in Java
Sometimes, there are certain pieces of technology, such as the CPU, that perform off a computer's essential logic, where you wouldn't expect to be exposed to a security flaw. But that is the thing about creating a secure Java application stack: You can't take anything for granted. Here we look at the ways fundamental technologies, such as computer hardware or blockchain distribution, can create exposure for your otherwise secure Java applications.
Why you need to look more closely at Intel's Management Engine
The Management Engine, embedded on certain Intel chips, is a hidden threat to the security of personal and corporate computers. People need to take this hidden threat seriously. Read Now
Thinking about digital transformation? You'll need blockchain security
Whether it is a secure cloud, a secure mobile device or a secure IOT interaction, organizations are making blockchain security a central part of their digital transformations. Read Now
Why your software stack is not as secure as you think
All it takes is a fork from the main branch and a re-branding of the code, and the next thing you know, there's a hidden threat in your software. Here's how to protect against it. Read Now