Java Champion, Developer Advocate and Software Engineer for Snyk. Passionate about Java, (Pure) Functional Programming, and Cybersecurity. Co-leading the Virtual JUG, NLJUG and DevSecCon community. Brian is also an Oracle Groundbreaker Ambassador and a regular international speaker at mostly Java-related conferences.
Astra DB’s IP Access List addresses security concerns by enabling users to custom configure IPs and CIDR blocks that can access Astra DB hosted resources, including REST, GraphQL, Swagger, and CQLsh.
This lets enterprises restrict access from select office and home networks.
In the past two years, we have had to learn a lot about cybersecurity. New attack vectors are becoming more and more sophisticated and are directed more and more against the value chain in general.
But what does that mean for us? What can be done about it, and what reactions have the state already taken?
If you are working in the Java ecosystem and building your applications with an older Maven version, this message is for you.
Check your Maven version by typing mvn -version! If you are still running an old Maven version such as 3.6.3 or below, you definitely need to upgrade to version 3.8.1 for security reasons.
Be aware that to run Maven 3.8.1, Java 7+ is required.
In this article, we’re going to look at the differences between the various cybersecurity defence techniques.
My personal opinion on these different approaches is that if you start with DevSecOps or security in IT in general, the SAST approach makes the most sense. This is where the greatest potential threat can be eliminated with minimal effort.
Here you can identify four main groups, which we will go through briefly one after another to illustrate the advantages and disadvantages.
Recently, I was in discussion with a Java user at a bank about the possibilities of using Azul Platform Core to run a range of applications.
Security is a very serious concern when sensitive data is in use, and potentially huge sums of money could be stolen.
I was, therefore, somewhat taken aback when the user said, “We’re not worried about installing Java updates as our core banking services are behind a firewall.”
If you’re a Java developer who wants to develop your applications more securely, you’ve come to the right place. Snyk can help you with that mission.
This article explains how to begin with Snyk for secure Java development so you can be more secure from the get-go.
What is the Common Vulnerability Scoring System (CVSS), who is behind it, what are we doing with it, and what does a CVSS Value mean for you?
With CVSS, we have a value system for evaluating security gaps in software. Since there are no alternatives, and the system has been in use worldwide for over ten years and is constantly being developed, it is a de facto standard.
The evaluation consists of three components.
Again and again, we read in the IT news about new security gaps that have been identified.
Most of the time, you don’t even hear or read anything about all the security holes found that are not as well known as the SolarWinds Hack, for example.
But what is the typical lifecycle of such a security gap?
If you need to store sensitive data in your system, you have to be sure that you have proper encryption in place.
First of all, you need to decide what kind of encryption you need, for instance symmetric or asymmetric.
Also, you need to choose how secure it needs to be. Stronger encryption takes more time and consumes more CPU.
The most important part is that you should not implement the encryption algorithms yourself. Encryption is hard, and a trusted library solves encryption for you.
JEP 411: What it Means for Java’s Security Model and Why You Should Apply the Principle of Least Privilege
Java, like most platforms or languages, has layers of security. This article intends to look at Java’s Authorization layer, which is unlike that of other languages.
We will also distinguish between two different ways this layer is typically utilized and why one is effective while the other isn’t.
Furthermore, we investigate why JEP 411 only considers the least effective method. We hope to increase awareness of the Principle of Least Privilege as it is applied to Java Authorization, improve adoption, and encourage people to take advantage of the improved security it provides.
We hope to prolong its support and possibly even improve it in future.
In the last several years, the OpenJDK community has made Java significantly safer for users and developers while at the same time making it easier to design, build, and run applications quickly.
Java users should adopt several practices to take full advantage of the defenses of the modern JRE.