The Diamond in the Rough: Effective Vulnerability Management with OWASP DefectDojo

Managing the security of your projects applications can be an overwhelming and unmanageable task. In today’s world, the number of newly created frameworks and languages is continuing to increase and they each have their own security drawbacks associated with them.

The wide variety of security scanners available can help find vulnerabilities in your projects, but some scanners only work with certain languages and they each have different reporting output formats. Creating reports for customers or managers and viewing analytics using different security tools in different projects can be a very time-consuming task.

Continue reading “The Diamond in the Rough: Effective Vulnerability Management with OWASP DefectDojo”

Share

Building a Secure IoT Solution: Summit 2017

How do customers build an end-to-end IoT solution using commercial grade, open source products? This is the question we (Patrick Steiner, Maggie Hu and I) wanted to address with our session at the Red Hat Summit, Boston. The end-to-end solution is based on three-tier Enterprise IoT Architecture, which integrates IoT data with existing business processes and the human element.

Continue reading “Building a Secure IoT Solution: Summit 2017”

Share

Coding EJB clients for JBoss EAP 7.1

This article summarizes some new features that will be enabled in EAP 7.1 for applications using remote EJB clients. These new features will improve some aspects of the remote EJB communication such as:

  • A simplified method for looking up remote EJBs
  • A new annotation to control transaction propagation from remote EJB clients
  • A new annotation to enable Client side interceptors for EJB calls
  • An update in the remote EJB client configuration file
  • Simplified lookup of remote EJBs

Continue reading “Coding EJB clients for JBoss EAP 7.1”

Share

Local Development Setup for Red Hat Mobile using Docker

Getting up and running with local development for Red Hat Mobile Application requires that you run MongoDB and Redis locally. Doing so isn’t particularly difficult if you follow online guides, but it would be much more straightforward if you could just get these pieces of software up and running in a single command and not need to worry about versioning, creating data directories, setting permissions, and compiling some things such as Redis from source. It would be even better if you could easily switch versions. This is where containers shine.

In the next few paragraphs, we’ll demonstrate how you can run any almost any version of MongoDB and Redis with a single command on a machine that has the Docker service installed.

NOTE: This is not an extensive Docker CLI tutorial; just enough to learn basic commands that will allow you to get MongoDB and Redis up and running easily.

Continue reading “Local Development Setup for Red Hat Mobile using Docker”

Share