In this two-post series, I’ve addressed most of 16 different practices to secure APIs with Apache APISIX.
- Secure your API with these 16 Practices with Apache APISIX – part 1
  See how to configure Apache APISIX to secure your APIs against 7 of the 16 rules in the “16 practices to secure your API” list.
- Hardening Apache APISIX with the OWASP’s Coraza and Core Ruleset
  Most organizations don’t incentivize for security. Hence, we need to be smart about it and use existing components as much as possible.
- OpenRewrite: Migrate to Spring Boot 3.2
  Simplify your migration process to Spring Boot 3.2 with the help of OpenRewrite.
- Securing Symmetric Encryption Algorithms in Java
  Encryption is converting readable data or plaintext into unreadable data or ciphertext, ensuring that even if encrypted data is intercepted, it remains inaccessible to unauthorized individuals.
- Handling security vulnerabilities in Spring Boot
  Keeping your dependencies in check is crucial to ensure that your Spring Boot projects run smoothly and remain resilient in the face of ever-evolving threats.
- State of the Software Supply Chain Report: Key Takeaways for Java Developers
  Sonatype have just released the 9th edition of their State of the Software Supply Chain Report. I thought I’d pull out some highlights for Java Developers!
- Using JLink to create smaller Docker images for your Spring Boot Java application
  An in-depth exploration of utilizing JLink to optimize Docker image sizes, enhancing application security and performance.
- Thread-Safe Counter in Java: A Comprehensive Guide
  In this tutorial, we will explore the concept of thread safety in Java, specifically focusing on a simple counter.
- Book Review: “OpenJDK Migration for Dummies”
  Not just a technical manual, Simon Ritter’s new book is a companion on a journey through the complexities of OpenJDK migration.
- SnakeYaml 2.0: Solving the unsafe deserialization vulnerability
  In December of last year, we reported CVE-2022-1471 to you. This unsafe deserialization problem could easily lead to arbitrary code execution.