-
Hacking Java XML Input via External Entity Injection
Java natively supplies many different options to parse XML. However, all available parsers in Java have XML eXternal Entity (XXE) processing enabled by default. This makes Java XML libraries particularly vulnerable to XXE injection.
In the video, I explain and demonstrate how an XXE injection attack works by extracting system data that should not be exposed.
I also show you how you can solve this in your Java code in multiple ways.
-
Minimizing Security Risks in Java Application Development
United by their passion for open source, Payara and IBM recently teamed up for a panel discussion on security in Java application development.
Security is considered extremely important, yet it is not always a priority for many development teams. The main question is how to minimize security risks while developing Java applications.
In this panel discussion, our experts addressed a variety of topics related to secure application development. Most of the topics were introduced by questions from the audience.
-
MicroProfile Metrics with Prometheus and Grafana
In a distributed microservices architecture, it is important to have an overview of your systems in terms of CPU, memory management and other important metrics.
This is called observability: measuring the internal state of a system, in this case the microservice instances.
The goal of MicroProfile Metrics is to expose monitoring data from the implementation in a unified way. It also defines a Java API so that developers can define and supply their own values.
-
Getting Started with Payara Server
In this article, you’re presented with four short videos that will take you step-by-step through installing, writing, and deploying an application to Payara Server, even if you’ve never used the application server before.
Visit the Payara Getting Started page for further resources on getting started, including: configuring, adding a data source, adding functionality, monitoring, security auditing, creating a RESTful web service, logging, testing apps, etc.
-
Securing Microservices with Auth0 and MicroProfile in Kubernetes
In this day and age, securing enterprise platforms is a challenge that developers and consultants tackle in an uninformed manner, producing subpar solutions in most cases.
This presentation by Ondrej Mihalyi at DevOpsCon showcases the strength of combining MicroProfile and an OAuth service by doing a live demonstration of securing enterprise Java microservices in Kubernetes.