By Marina Sinama-Pongolle [https://www.linkedin.com/in/marinasinamapongolle] At this year’s Devoxx [http:…
By Victoria Pedron – @vghores [http://www.twitter.com/vghores] My favorite Scrumday [http://www.scrumday.…
Java 8's Stream API: a new way to manage collections
By Luc Clément – @luclement [http://www.twitter.com/luclement] Until now, processing collections or tables…
By Pierre Templier – @ptemplier [http://www.twitter.com/ptemplier] Java 8 includes a brand new…
From development to production with Vagrant and Packer
Have you heard of Vagrant? Vagrant [http:…
The Responsive Web Design Approach for the Liferay #3 Portal: The Often Forgotten Design
06…
OWASP Top 10 - A10 Unvalidated Redirects and Forwards
Description: If a user is redirected or forwarded to a page defined by an unverified…
OWASP Top 10 - A9 Using Components with Known Vulnerabilities
Description: Known software vulnerabilities are available to everyone on the Internet. If an attacker knows…
OWASP Top 10 - A8 Cross-Site Request Forgery (CSRF)
Description: An attacker sends a request to a website you are authenticated on to execute…
OWASP Top 10 - A7 Missing Function Level Access Control
Description: In a web application with different user roles, authentication is not enough. Each request…
OWASP Top 10 - A6 Sensitive Data Exposure
Description: We have seen in the previous articles that an experienced attacker can easily intercept…
OWASP Top 10 - A5 Security Misconfiguration
Description: Nowadays, besides the operating system and the JRE, most Java applications are…
OWASP Top 10 - A4 Insecure Direct Object References
Description: The application exposes a direct reference (functional identifier, database key, file path…) to a…
OWASP Top 10 - A3 Cross Site Scripting (XSS)
Description: Cross-Site Scripting is a specific consequence of an injection attack. The goal is to…
OWASP Top 10 - A2 Broken Authentication and Session Management
Description: The attacker steals his victim’s credentials or any information that will help him…