Software Security for Developers

Improve your application's security and close vulnerabilities with improved tooling and processes. 

Application Security Posts

Broadening compiler checks for buffer overflows in _FORTIFY_SOURCE

April 16, 2021

Buffer overruns are by far the most common vulnerability in C or C++ programs, and a number of techniques have come up over the years to detect overruns early and abort execution. The _FORTIFY_SOURCE macro, provided by the GNU C Library, helps mitigate a number of these overruns and is widely deployed in Red Hat […]

Vulnerability analysis for Golang applications with Red Hat CodeReady Dependency Analytics

April 15, 2021

Red Hat CodeReady Dependency Analytics, powered by Snyk Intel Vulnerability database, helps developers find, identify, and fix security vulnerabilities in their code. In the latest 0.3.2 release, we focused on supporting vulnerability analysis for Golang application dependencies, providing easier access to vulnerability details uniquely known to Snyk, and other user experience improvements. Vulnerability analysis for […]

Securely connect Red Hat Integration Service Registry with Red Hat AMQ Streams

April 7, 2021

Red Hat Integration Service Registry is a datastore based on the Apicurio open source project. In my previous article, I showed you how to integrate Spring Boot with Service Registry. In this article, you’ll learn how to connect Service Registry to a secure Red Hat AMQ Streams cluster. Connecting Service Registry with AMQ Streams Service […]

Get started with clang-tidy in Red Hat Enterprise Linux

April 6, 2021

Clang-tidy is a standalone linter tool for checking C and C++ source code files. It provides an additional set of compiler warnings—called checks—that go above and beyond what is typically included in a C or C++ compiler. Clang-tidy comes with a large set of built-in checks and a framework for writing your own checks, as […]

X.509 user certificate authentication with Red Hat's single sign-on technology

February 19, 2021

This article illustrates how to configure a browser authentication flow using X.509 user-signed certificates. Once you have set up authentication using X.509 user-signed certificates, your users will not be required to enter a username and password when authenticating against Red Hat’s single sign-on technology (SSO). Instead, they will present an X.509 certificate to the SSO […]
