Category: Security

  • Integrate OWASP dependency-check reports with SonarQube

    In our previous tutorial, we discussed how to configure the OWASP dependency-check Maven plugin to analyze Maven projects for vulnerable dependencies. The dependency-check report details the vulnerable JAR libraries used in your project. In this tutorial, we discuss how to integrate the dependency-check report into your Sonar analysis and your…

  • How to identify vulnerable dependencies in a Maven project

    Software security is an essential component of any enterprise or large-scale software product. Making sure that your software product is secure protects it from a range of attacks and helps safeguard your users’ data. Sometimes, it is even required by the laws and regulations of your industry. In this tutorial,…

  • Hashing passwords in Spring applications

    When handling account passwords, you need to make sure that passwords are transmitted through a secure medium and stored persistently in a non-reversibly hashed format. A large majority of backend and web-based applications rely on authorization mechanisms in which the user enters a username and a password. When building such applications for the…

  • How to Encrypt/Decrypt files and byte arrays in Java using AES-GCM

    In this post, we will discuss how to encrypt and decrypt a file using the AES encryption algorithm in GCM mode. We will start by writing a file reader / writer to read and write files into byte arrays. Then we will attempt to encrypt and decrypt these byte arrays. This example has been written…