Managing the security of your projects applications can be an overwhelming and unmanageable task. In today’s world, the number of newly created frameworks and languages is continuing to increase and they each have their own security drawbacks associated with them.
The wide variety of security scanners available can help find vulnerabilities in your projects, but some scanners only work with certain languages and they each have different reporting output formats. Creating reports for customers or managers and viewing analytics using different security tools in different projects can be a very time-consuming task.
Continue reading “The Diamond in the Rough: Effective Vulnerability Management with OWASP DefectDojo”
What is Keycloak?
Although security is a crucial aspect of any application, its implementation can be difficult. Worse, it is often neglected, poorly implemented and intrusive in the code. But lately, security servers have appeared which allow for outsourcing and delegating all the authentication and authorization aspects. Of these servers, one of the most promising is Keycloak, open-source, flexible, and agnostic of any technology, it is easily deployable/adaptable in its own infrastructure.
Moreover, Keycloak is more than just an authentication server, it also provides a complete Identity Management system, user federation for third parties like LDAP and a lot more … Check it out on here.
The project can also be found on Github
Continue reading “Easily secure your Spring Boot applications with Keycloak”
… with APIs, OpenID, and Microservices, Daria Mayorova and Mark Cheshire from Red Hat 3Scale shared their presentation on how to construct microservice-based applications with the benefits of API management.
Continue reading “Blueprint for Modern Application Architecture”
Expanding on Tristan’s blog, where he spoke of enabling security for JBoss Data Grid caches, in this post we will cover how to add LDAP based security to the JDG caches. The principles and techniques remain defined by Tristan, but there are some minor changes that I will be highlighting in this blog for a successful working configuration of JDG enabled with LDAP security.
Continue reading “Enabling LDAP Security for DataGrid Cache”
Dependency management isn’t anything new, however, it has become more of an issue in recent times due to the popularity of frameworks and languages, which have large numbers of 3rd party plugins and modules. With Node.js, keeping dependencies secure is an ongoing and time-consuming task because the majority of Node.js projects rely on publicly available modules or libraries to add functionality. Instead of developers writing code, they end up adding a large number of libraries to their applications. The major benefit of this is the speed at which development can take place. However, with great benefits can also come great pitfalls, this is especially true when it comes to security. As a result of these risks, the Open Web Application Security Project (OWASP) currently ranks “Using Components with Known Vulnerabilities” in the top ten most critical web application vulnerabilities in their latest report.
Continue reading “Using Snyk, NSP and Retire.JS to Identify and Fix Vulnerable Dependencies in your Node.js Applications”
Since I’ve learned about nftables, I heard numerous times that it would provide better performance than its designated predecessor, iptables. Yet, I have never seen actual figures of performance comparisons between the two and so I decided to do a little side-by-side comparison.
Continue reading “Benchmarking nftables”
A few months ago, I had to write some internal GCC passes to perform static analysis on the GNU C Library (glibc). I figured I might as well write them as plugins since they were unlikely to see the light of day outside of my little sandbox. Being a long time GCC contributor, but having no experience writing plugins I thought it’d be a good way to eat our own dog food, and perhaps write about my experience.
Continue reading “Diagnosing Function Pointer Security Flaws with a GCC plugin”