Java
Password Security: Why Hashing is Essential
Password security is an often underestimated but critical topic in software development. Databases containing millions of user logins are …
Secure Coding Practices
21 articles
Java
If hashCode() lies and equals() is helpless
A deep look into Java’s HashMap traps – visually demonstrated with Vaadin Flow. The silent danger in the standard library The use of HashMap …
Java
Creating a simple file upload/download application with Vaadin Flow
Vaadin Flow is a robust framework for building modern web applications in Java, where all UI logic is implemented on the server side. In …
Java
Java Cryptography Architecture (JCA) - An Overview
The Java Cryptography Architecture (JCA) is an essential framework within the Java platform that provides developers with a flexible and …
Java
Cache Poisoning Attacks on Dependency Management Systems like Maven
Cache poisoning on Maven Caches is a specific attack that targets how Maven Caches manages packages and dependencies in a software …
Java
What is CWE-1007: Insufficient visual discrimination of homoglyphs for you as a user?
The world of cybersecurity is full of threats, many of which are surprisingly subtle and challenging to detect. One such threat is the …
Design Pattern
CWE-778: Lack of control over error reporting in Java
Learn how inadequate control over error reporting leads to security vulnerabilities and how to prevent them in Java applications. Safely …
Java
Code security through unit testing: The role of secure coding practices in the development cycle
Unit testing is an essential software development concept that improves code quality by ensuring that individual units or components of a …
Java
Understanding TOCTOU (Time-of-Check to Time-of-Use) in the Context of CWE-377
Building on the discussion of “CWE-377: Insecure Temporary File”, it’s essential to delve deeper into one of the most insidious …
Java
CWE-1123: Excessive Use of Self-Modifying Code for Java Developers
Self-modifying code refers to a type of code that alters its own instructions while it is executing. While this practice can offer certain …
Java
CWE-377 - Insecure Temporary File in Java
In software development, temporary files are often used to store data temporarily during an application’s execution. These files may contain …
Java
CWE-22: Best practices to use Java NIO
In today’s digital landscape, ensuring the security of your applications is paramount. One critical vulnerability developers must …