Skip to content

Dominik Schadow

Java, JCrypTool, Secure Development and other IT related thoughts

  • Events
  • Publications
  • Contact
  • More

Category: Secure Development

Java Security Myths session at DOAG 2013

I’ll be speaking about Java Security Myths at the DOAG 2013 conference in Nürnberg. My (German) session is on November 21st at 10 a.m.

Published August 8, 2013
Categorized as Events, Secure Development

OWASP Top 10 2013 release candidate published

The first release candidate of the new OWASP Top 10 2013 was published a couple of days ago (PDF). And the top 10 changed quite a bit (see the project wiki): A1 Injection A2 Broken Authentication and Session Management (was formerly A3) A3 Cross-Site Scripting (XSS) (was formerly A2) A4 Insecure Direct Object References A5… Continue reading OWASP Top 10 2013 release candidate published

Published February 27, 2013
Categorized as Secure Development

Total failure of Java security

Wow, that’s a sentence I believed I would never write in my professional life: deactivate Java in your web browser immediately! In any browser and on any operating system. Instructions are e.g. available here and normally on your browser manufacturer home page. Turning it off does not have an impact on normal Java applications, those… Continue reading Total failure of Java security

Published August 28, 2012
Categorized as Java, Secure Development

Security is every developer’s job

In one of his latest blog posts published in the OWASP feed, Dinis Cruz points out, that secure development and application security itself must be invisible to developers. I can’t completely agree to that. On one side, Dinis is right: The frameworks we use must be way more secure out of the box and way… Continue reading Security is every developer’s job

Published April 10, 2012
Categorized as Java, Secure Development

Posts navigation

Newer posts Page 1 Page 2
  • Twitter
  • GitHub
  • XING
Dominik Schadow
Proudly powered by WordPress.