Security84 articles

Use IntelliJ IDEA to analyze dependencies in your project. Use the Dependency Analyzer to find specific dependencies, show conflicts and more, or use the Dependency Diagram in IntelliJ IDEA Ultimate.

Did you know bots can automatically create pull requests to keep dependencies secure and up to date?

A demonstration of log4j exploits, which defenses people tried, and which worked. A look at open source funding models, subscriptions, and bug bounty programs to see why it’s sometimes hard to donate.

Path traversal vulnerabilities are a serious threat to Java web applications, amongst the top security issues Snyk finds in Java code.

Next time you’re considering a new Java library, look for the Sonatype Safety Rating on Maven Central to aid in your decision making.

Java is a compiled language, so you should create an SBOM whenever you build a release version of your application. Find out more here!

Externalizing your authentication process to a third party may be sensible, but you want to avoid binding your infrastructure to its proprietary process.

The third article in a series on SBOMs, software supply chains, the government and you, introducing threat modelling and tools to help!

Simple configuration that requires no code change can save you from hacks such as Log4Shell, & from vulnerabilities we don’t know about yet!

Learn how you can leverage OPA and Apache APISIX to move your authentication and authorization logic from the code to the infrastructure.