Security

How to Protect Your Database in a Distributed World with IP Access List

Astra DB’s IP Access List addresses security concerns by enabling users to custom configure IPs and CIDR blocks that can access Astra DB hosted resources, including REST, GraphQL, Swagger, and CQLsh.

This lets enterprises restrict access from select office and home networks.

SolarWinds Hack And The Executive Order Of Cybersecurity: What Does This Mean For Us?

In the past two years, we have had to learn a lot about cybersecurity. New attack vectors are becoming more and more sophisticated and are directed more and more against the value chain in general.

But what does that mean for us? What can be done about it, and what reactions have the state already taken?

Why You Should Upgrade to Maven Version 3.8.1 Today or Very Soon

If you are working in the Java ecosystem and building your applications with an older Maven version, this message is for you.

Check your Maven version by typing mvn -version! If you are still running on an old Maven version like 3.6.3 or below you definitely need to upgrade to version 3.8.1 because of security reasons.

Be aware that to run Maven 3.8.1, Java 7+ is required.

SAST, DAST, IAST and RASP

In this article, we’re going to look at the differences between the various cybersecurity defence techniques.

My personal opinion on these different approaches is that if you start with DevSecOps or security in IT in general, the SAST approach makes the most sense. This is where the greatest potential threat can be eliminated with minimal effort.

Here you can identify four main groups, which we will go through briefly one after another to illustrate the advantages and disadvantages.

Are Java Security Updates Important?

Recently, I was in discussion with a Java user at a bank about the possibilities of using Azul Platform Core to run a range of applications. 

Security is a very serious concern when sensitive data is in use, and potentially huge sums of money could be stolen.

I was, therefore, somewhat taken aback when the user said, “We’re not worried about installing Java updates as our core banking services are behind a firewall.”

Getting Started with Snyk for Secure Java Development

If you’re a Java developer who wants to develop your applications more securely, you’ve come to the right place. Snyk can help you with that mission.

This article explains how to begin with Snyk for secure Java development so you can be more secure from the get-go.

CVSS 101: First Steps with Common Vulnerability Scoring System

What is the Common Vulnerability Scoring System (CVSS), who is behind it, what are we doing with it, and what does a CVSS Value mean for you?

With CVSS, we have a value system for evaluating security gaps in software. Since there are no alternatives, the system has been in use worldwide for over ten years and is constantly being developed, it is a defacto standard.

The evaluation consists of three components.

The Lifecycle of a Security Vulnerability

Again and again, we read in the IT news about new security gaps that have been identified.

Most of the time, you don’t even hear or read anything about all the security holes found that are not as well known as the SolarWinds Hack, for example.

But what is the typical lifecycle of such a security gap?

Java Encryption and Hashing

If you need to store sensitive data in your system, you have to be sure that you have proper encryption in place.

First of all, you need to decide what kind of encryption you need —for instance, symmetric or asymmetric.

Also, you need to choose how secure it needs to be. Stronger encryption takes more time and consumes more CPU.

The most important part is that you don’t need to implement the encryption algorithms yourself. Encryption is hard and a trusted library solves encryption for you.

JEP 411: What it Means for Java’s Security Model and Why You Should Apply the Principle of Least Privilege

Java, like most platforms or languages has layers of security. This article intends to look at Java’s Authorization layer, which is unlike in other languages.

We will also distinguish between two different ways this layer is typically utilized and why one is effective while the other isn’t.

Furthermore, we investigate why JEP 411 only considers the least effective method and hopefully we will increase awareness of the Principle of Least Privilege as it is applied to Java Authorization, improve adoption and encourage people to take advantage of the improved security it provides.

We hope to prolong its support and possibly even improve it in future.

Java: Where the Wild Code Isn’t

In the last several years, the OpenJDK community has made Java significantly safer for users and developers while at the same time making it easier to design, build, and run applications quickly.

Java users should incorporate several practices to take full benefit from the defenses of the modern JRE.