@nick79

Directory Traversal: A Security Architect's Perspective (Part 3)

1d ago · 16 min read · In Part 1 and Part 2 of this series, we examined directory traversal from a developer's perspective, covering attack vectors, secure coding patterns, Apache Commons IO usage, frontend security conside

Directory Traversal in Java: Advanced Protection and Testing (Part 2)

Apr 20 · 22 min read · In previous part 1, we discussed the basics of directory traversal attacks, attack vectors, vulnerable code structures, and the essential mitigation techniques, including secure Spring Boot usage. In

Directory Traversal in Java: A Comprehensive Security Guide (Part 1)

Apr 7 · 16 min read · Directory traversal vulnerabilities are at the core of a failure in the boundary between application logic and filesystem access. There is a tendency to focus on SQL injection, but directory traversal

Building an Application Security Metrics Program: Measuring What Actually Matters

Mar 30 · 27 min read · Security architecture is not just about selecting the right controls or designing secure systems. It is about proving those controls work, tracking their effectiveness over time, and communicating res

DiffGuard: LLM-Powered Security Review for Staged Git Diffs

Mar 23 · 17 min read · We ship code every day. In that code, there is often a SQL injection that nobody noticed, a hardcoded secret that slipped through review, or an XML parser set up with defaults that should have been se