In our previous tutorial, we discussed how to configure the OWASP dependency-check maven plugin to analyze maven projects for vulnerable dependencies. The dependency check report provides a detailed report of vulnerable JAR libraries used in your project. In this tutorial, we discuss how to integrate the dependency check report into your Sonar analysis and your […]
How to identify vulnerable dependencies in a Maven project
Software security is an essential component of any enterprise or large scale software product. Making sure that your software product is secure protects your product from a range of attacks and helps safeguard the safety of your users’ data. Sometimes, it is even required due to laws and regulations of your industry. In this tutorial, […]
Hashing passwords in Spring applications
When handling account passwords, you need to make sure that passwords are transmitted through a secure medium and stored in a persistent and a non-reversibly hashed format. A large majority of backend and web-based applications rely on authorization mechanisms which involve the user inserting a username and a password. When building such applications for the […]
How to Encrypt/Decrypt files and byte arrays in Java using AES-GCM
In this post, we will discuss how to encrypt and decrypt a file using the AES encryption algorithm in GCM mode. We will start by writing a file reader / writer to read and write files into byte arrays. Then we will attempt to encrypt and decrypt these byte arrays. This example has been written […]