cybersecurity8 articles

A Report of 2023 Software Conferences in the Philippines for the Java Community and Java User Groups. Sharing the details of the events.

I’d like to start by saying that I’m not a security expert. I also won’t link to the exploit. This is a very fresh take on a new vulnerability but there’s already confirmation from Sonatype. The current exploit seems to …

Learn about major milestones in app security: finding the issue, evaluating a breach, proving it, and validating the fix!

Java Debug Wire Protocol (a.k.a. JDWP) was designed for testing internally. Opening it to production is a HUGE security and stability risk…

In the past two years, we have had to learn a lot about cybersecurity. New attack vectors are becoming more and more sophisticated and are directed more and more against the value chain in general.

But what does that mean for us? What can be done about it, and what reactions have the state already taken?

In this article, we’re going to look at the differences between the various cybersecurity defence techniques.

My personal opinion on these different approaches is that if you start with DevSecOps or security in IT in general, the SAST approach makes the most sense. This is where the greatest potential threat can be eliminated with minimal effort.

Here you can identify four main groups, which we will go through briefly one after another to illustrate the advantages and disadvantages.

What is the Common Vulnerability Scoring System (CVSS), who is behind it, what are we doing with it, and what does a CVSS Value mean for you?

With CVSS, we have a value system for evaluating security gaps in software. Since there are no alternatives, the system has been in use worldwide for over ten years and is constantly being developed, it is a defacto standard.

The evaluation consists of three components.