Welcome

Black Hat Presentation: OWASP DeepViolet

On August 8, 2018 I will be presenting DeepViolet, a TLS/SSL scanning API & tools at the Black Hat conferences event in Las Vegas.  The project is divided in two code repositories, DeepViolet the primary Java code API, and DeepVioletTools which is a command line tool and desktop application or reference cases demonstrating the API’s … Continue reading “Black Hat Presentation: OWASP DeepViolet”

Update 3rd party libraries is easy

Interested to make easy work keeping your projects 3rd party dependencies up to date?  If so, push the easy button and read on.

Oracle Announces Java SE Subscriptions

Donald Smith from Oracle’s Java Platform Group announces Java SE Subscriptions in a recent blog post.  Key points point for security as I see them …

Something Amazing Happened in Java Security Today

Today Jim Manico (Twitter:@manicode) was nominated and announced a Java Champion.  Jim is the founder and leader of Manicode, a software security training company.  So why do I think this is amazing?

TLS 1.3 Support Planned for Java

Earlier today Sean Mullan(Twitter: @seanmullan) on the Java team announced TLS 1.3 support on Twitter.   JEP 332: Transport Layer Security (TLS) 1.3 describes the current plans for support.

Top Security Expert, IoT Security is a Market Failure

In a recent blog post, Security Economics of the Internet of Things on Schneier on Security, security expert and cryptologist Bruce Schneier describes economics related to securing IoT devices.  The post was written due to unprecedented DDOS attacks against investigative security journalist Brian Krebs and his web site krebsonsecurity.com.

OWASP Security Logging Project Explored

The OWASP Security Logging Project is a security logging API that extends popular logging technologies providing powerful security logging capabilities to your projects.  If your project already uses a popular logging API like log4j, logj2, logback, etc. then most of your work is done.  Even for legacy projects there are some benefits.  In this post I … Continue reading “OWASP Security Logging Project Explored”

Tracking Aircraft on Raspberry PI

Photo: Raspberry Pi RLT-SDR receiver What can you do with a RLT-SDR receiver, dump1090 software, and a Raspberry PI?  Easy, you can capture data like flight numbers, altitude, speed, and position information from ADS-B equipped aircraft in your area. Ever since I was a kid I always enjoyed listening to my Grandfather’s shortwave radio.  Every … Continue reading “Tracking Aircraft on Raspberry PI”