Secure coding
Tutorials and training on how to build secure applications using the latest in secure and defensive programming strategies.
Tutorials and training on how to build secure applications using the latest in secure and defensive programming strategies.
In this session, we'll give a demonstration of using a centralized authentication service to secure many different microservices. The demo will be based on Project Keycloak, but it would apply as well to Stormpath, Ping.Indenty, or similar services.
Secure coding is a set of technologies and best practices for making software as secure and stable as possible. It encompasses everything from encryption, certificates, and federated identity to recommendations for moving sensitive data, accessing a file system, and managing memory. Although the security landscape is always changing, secure coding tries to make building secure software more of a science than an art.
Writing secure code should be top of mind, especially given the number of application security breaches that find their way into the news. A critical first step is learning important secure coding principles and how they can be applied so you can code with security in mind. The Fedora Project's Defensive Coding Guide provides guidelines for improving software security through secure coding. It covers common programming languages and libraries, and focuses on concrete recommendations.
Find out what's new in Red Hat Enterprise Linux (RHEL) 9.5, including...
Log4Shell exposed a massive security gap in widely used open-source software....
Explore how to modify a non-standard library cryptography operation to call...
Aside from naming and versioning, managing sensitive assets, like...