Drools Guvnor – Manage access

Externalize business or technical rules is very important for scalable applications but the BRMS service access should be managed. guvnor…

Read More »

Investigating the HashDoS issue

Nearly one month ago I have written some thoughts on how the HashDoS problem presented at the 28C3 or other…

Read More »

Introduction to Strong Cryptography

One thing that amazes me is that the most developers are not familiar with strong cryptography. In my career, I’ve…

Read More »

Essential Attack Surface Management

To attack your system, to steal something or do something else nasty, the bad guys need to find a way…

Read More »

OAuth with Spring Security

From Wikipedia: OAuth (Open Authentication) is an open standard for authentication. It allows users to share their private resources (e.g.…

Read More »

Simple Security Rules

Wow! Citi really messed up their online security. They included account information as part of the URL. You could alter…

Read More »

Spring 3, Spring Web Services 2 & LDAP Security

This year started on a good note, another one of those “the deadline won’t change” / “skip all the red…

Read More »

Public key infrastructure

Some time ago I was asked to create presentation for my colleagues which describes Public Key Infrastructure, its components, functions,…

Read More »

Hints for writing secure code

Security and data protection are becoming now more and more popular topics. We are coming into the world where too…

Read More »