Cloud application security
Managing cloud application performance and security is not business as usual for enterprise application developers. The elastic nature of cloud computing resources requires developers to take a fresh look at application performance metrics. Cloud application security requires developers move beyond the idea that a strong firewall perimeter will keep their data safe.
Top Stories
-
Feature
05 May 2020
The what, why and how of the Spring Security architecture
Like any framework, Spring Security requires writing less code to implement the desired functionality. Learn how to implement the Spring Security architecture in this book excerpt. Continue Reading
-
Feature
05 May 2020
Why developers need to know the Spring Security framework
The Spring Security framework is a reliable way for Java developers to secure applications. However, proper implementation is critical to prevent the most common vulnerabilities. Continue Reading
-
Feature
05 May 2020
Why developers need to know the Spring Security framework
The Spring Security framework is a reliable way for Java developers to secure applications. However, proper implementation is critical to prevent the most common vulnerabilities. Continue Reading
-
Blog Post
01 Oct 2018
Women in Cybersecurity: Bringing Balance to the Equation
The world of technology is exciting. And confusing. And dangerous. And full of potential. For women, privacy and security are concepts that go hand in hand. Today’s technology has created new ways ... Continue Reading
-
Feature
09 Oct 2017
How blockchain security is driving digital transformations
Whether it is a secure cloud, a secure mobile device or a secure IOT interaction, organizations are making blockchain security a central part of their digital transformations. Continue Reading
-
Podcast
04 Oct 2017
Manico and Grimstad bring Java tech to life at JavaOne 2017
Engaging speakers like Jim Manico or Ivar Grimstad can make all the difference when choosing a session at a conference like JavaOne 2017 than the session syllabus. Continue Reading
-
Podcast
03 Oct 2017
How Java EE Security and MVC 1.0 simplify Java microservices
Once the decision has been made to use containers and microservices, it's good to know that MVC 1.0 and the Java EE Security API will make the development process much easier. Continue Reading
-
News
02 Oct 2017
How JSR-375 simplifies and standardizes Java EE security
Java EE security has always been a mixed bag in terms of simplicity and standardization, but the new Java EE Security API, JSR-375, plans to change all of that. Continue Reading
-
Podcast
27 Sep 2017
Cloud-native apps push static code analysis tools to the limit
The distributed nature of a cloud-native architecture, with microservices deployed to a multitude of containers, can test the limits of static code analysis tools. Continue Reading
-
Feature
13 Sep 2017
How to remove plain text passwords for a secure Java code base
Here are some strategies to remove plain text passwords from configuration files and your code base. It's one way a secure Java app can deter a malicious attack. Continue Reading
-
Feature
12 Sep 2017
Containers and microservices complicate cloud-native security
As microservices-based applications are deployed to a sea of Docker containers, mitigating against cloud-native security issues is becoming a struggle. Continue Reading
-
Blog Post
10 Sep 2017
How to create secure Java software: A talk with Black Duck's Tim Mackey
In TheServerSide's ongoing coverage of developing secure Java software, I spoke recently with Tim Mackey, the IT evangelist for Black Duck Software. The conversation was interesting enough to pull ... Continue Reading
-
Podcast
07 Sep 2017
Microservices and containers can simplify DevOps security
You would think that managing a sea of containers and microservices would make DevOps security difficult, but it may, in fact, make DevSecOps easier. Continue Reading
-
Blog Post
01 Sep 2017
Implementing cloud-native security means going back to your secure coding basics
There's really nothing new under the sun when it comes to addressing security vulnerabilities in code. While there has been a great shift in terms of how server side application are architected, ... Continue Reading
-
Feature
28 Aug 2017
The hidden threat lurking in an otherwise secure software stack
All it takes is a fork from the main branch and a re-branding of the code, and the next thing you know, there's a hidden threat in your software. Here's how to protect against it. Continue Reading
-
Feature
21 Aug 2017
Avoiding the most common DevOps security vulnerabilities in the cloud
When applying DevOps principles, like continuous automation and continuous delivery, many organizations are creating DevOps security vulnerabilities in their public cloud. Continue Reading
-
Podcast
21 Aug 2017
DevSecOps tools maturing, much to the relief of DevOps developers
DevOps has placed a greater burden on the software developer in terms of securing the public cloud. DevSecOps tools are helping to reduce the DevOps developer's burden. Continue Reading
-
Blog Post
14 Aug 2017
Implementing a custom user registry to consolidate LDAP servers and active directories?
Should you implement a custom user registry to help mitigate access to your various LDAP servers in order to simplify security tasks such as authentication and group association? The answer to that ... Continue Reading
-
Feature
07 Aug 2017
Edge device developers not addressing IoT security vulnerabilities
Security is problematic when software is deployed behind firewalls, but when you have edge devices out in the wild, IoT security vulnerabilities become even more of a concern. Continue Reading
-
Blog Post
26 Jan 2017
IoT entrepreneurship on display at North Texas hackathon
What better way to promote IoT entrepreneurship than by sponsoring a hackathon and awarding prizes that come with business development guidance to the winners? Continue Reading
-
Blog Post
12 Oct 2016
IoT security tips: Five ways developers can help thwart IoT malware threats
From device spoofing to malware, information disclosure, and DOS attacks, there are many ways a compromised device can become a threat. Here are ways to keep your devices safe. Continue Reading
-
Feature
24 Aug 2016
Fighting censorship through anonymous browsing with the Hola app
From avoiding censorship to avoiding government controls, the Hola app has simplified anonymous browsing for its clients. Continue Reading
-
News
22 Jun 2016
Appease DevOps concerns with container as a service Docker deployments
At DockerCon 2016, the big trend from exhibitors is the container as a service, creating a smooth path for Docker adoption. Continue Reading
-
News
21 Jun 2016
Docker security, container performance the hot topics at DockerCon 2016
Operation teams are always concerned about software vulnerabilities, but at DockerCon 2016, vendors are working hard to allay those Docker security concerns. Continue Reading
-
News
21 Jun 2016
Simple Docker image acquisition the key to IBM's container strategy
By making it easier for clients to acquire a Docker image, IBM hopes to see more enterprises adopting a container-based development strategy. Continue Reading
-
Feature
04 Jan 2016
Java APIs to bridge the gap between today and future development efforts
At JavaOne 2015, a big topic of conversation was APIs and API development. In the IBM keynote, the promise was that an evolutionary approach to API development will help modern day developers pass the torch to those doing development in the future. Continue Reading
-
Tip
05 Nov 2015
How to put configurable security in effect for an IoT gateway
Implementing security for an IoT gateway is challenging. A software developer shares best practices for developing a dynamic and robust security model. Continue Reading
-
Tip
04 Nov 2015
Learn what the new Java EE security API means for developers
The new Java EE security API is a proposal for baking better security into Java EE, and could ease many security implementation headaches. Continue Reading
-
Tip
27 Jul 2015
Simplified user and group management is the key to secure application deployment
A big challenge in securing software is the management of users and groups. Less is often more in this regard, and being able to simplify is the ket to secure application deployment. Continue Reading
-
Feature
07 Jul 2015
How to create secure and bug free software using customer-driven development
When using the Agile method, development is largely customer-driven. How do you ensure the success of such a project? Here are some tips on how to develop secure, bug free software. Continue Reading
-
Feature
27 Apr 2015
Failing to integrate security with DevOps? Do so at your own peril
Security is often considered as an afterthought in the software development lifecycle. But organizations need to keep up with vulnerabilities as they move to more agile DevOps practices. Read on for some best practices in building a security conscious culture. Continue Reading
-
Feature
21 Apr 2015
Improve software quality by paying early attention to application security
There are a number of strategies enterprises are taking to keep security on pace with faster development cycles. These include earlier code reviews, leveraging PaaS with built in security, and using cloud services for static and dynamic security analysis. Continue Reading
-
Feature
03 Apr 2015
Docker and containerization: The uncontainable trend of 2015
Containerization, especially using new and exciting platforms like Docker, is a massive trend in the industry. Find out how to leverage this trend to run applications, host operating systems and gain even more benefits from running in a fully virtualized environment. Continue Reading