4d ago · 22 min read · In Part 1, we discussed the requirements of passwords according to NIST recommendations, various methods of rate limiting using sliding window and exponential backoff, and ways to avoid enumeration of
Mar 3 · 19 min read · In Part 1, we have already discussed the password policies based on the guidelines provided by the NIST, rate limiting for preventing brute-force attacks, and preventing username enumeration through c
Feb 23 · 17 min read · Authentication is the most critical security boundary within a web application. A user claims to be Alice: the application has to validate that claim before granting access. Despite the long history o
Feb 18 · 13 min read · As discussed in Part 1 and Part 2 of this series, we had a look at SQL injection from a developer's perspective and discussed coding best practices related to SQL injection for JDBC, JPA, Spring Data, MyBatis, and stored procedures. This third part o...
Feb 15 · 10 min read · Testing AI-written software products works best when you treat the generated code as “helpful but untrusted,” then build a repeatable test pipeline that proves correctness, safety, and stability over time. The practical goal is not to confirm that th...