Security

Encryption with PBKDF2

Reading Time: 4 minutes Passwords can be the most valuable data to an attacker because stolen passwords can provide attackers the ability to bypass most of the security perimeters that exists in the system. Since lot of people use the same password in several other systems, one system compromise can affect the security of other systems too. This is where we can use encryption as a solution for theses Continue Reading

DevSecOps: Security with DevOps

Reading Time: 3 minutes Hi everyone! I’m back with a new blog where will be discussing a term called DevSecOps. This term directly related to a very important component of technology which is security. So let’s discuss what is DevSecOps? Why it’s so much important? How it comes into the picture?

Store Git Credentials Encrypted

Reading Time: 3 minutes Hey folks in this blog post we would be looking over how we can store our git credentials in an encrypted format over linux remote servers, let’s first quickly have a look why we want to do it and what git provide us with as options. Git credentials helpers So git provide many types of credential helpers like Store The first and most basic type Continue Reading

Vault: A secure way to keep your App’s secrets

Reading Time: 3 minutes In this blog, we will discuss the Vault. In modern scenarios, we want to secure our system as much as possible. We don’t want to store our secret keys and certificates in the system or configurations. We need a place where we can keep our secrets with more security and access them securely whenever we need them. We can use the Vault. Vault is the Continue Reading

How to start with Vega : The web security scanner?

Reading Time: 3 minutes Vega – Web security scanner and web security testing platform. Alright, Today I have come up with an interesting topic which is Vega and this blog is inspired by the last blog I wrote on web security. Vega is nothing but a tool, we will talk more about Vega in a while but let’s first talk ‘Why Vega’. So, next when you are done with your Continue Reading

Actions in Play Framework

Authentication using Actions in Play Framework

Reading Time: 1 minute Actions in Play Framework plays an important, the requests received by a Play application are handled by an Action. Action composition is an incredibly powerful way to enhance or restrict controller behaviour. In Play Framework controllers consist of methods that create Action objects to handle the incoming requests. A play.api.mvc.Action is basically a (play.api.mvc.Request => play.api.mvc.Result) function that handles a request and generates a result to be sent to the client. We can Continue Reading

SQL made easy and secure with Slick

Reading Time: 5 minutes Slick stands for Scala Language-Integrated Connection Kit. It is Functional Relational Mapping (FRM) library for Scala that makes it easy to work with relational databases. Slick can be considered as a replacement of writing SQL queries as Strings with a nicer API for handling connections, fetching results and using a query language, which is integrated more nicely into Scala. You can write your database queries Continue Reading

Configuring SSH Key Authentication on Linux

Reading Time: 3 minutes Now Days it is very convenient to use Remote Desktop Protocol(RDP) for accessing remote system over Internet, specially server systems(either client to server or server to server), although it is very convenient and easy way to access remote systems but it may cause big loss as it may provide an opportunity for remote attackers to guess logon credentials of client. There may present many ways Continue Reading

Handling HTTPS requests with Akka-HTTPS Server

Reading Time: 2 minutes Hi guys, In my last blogs I explained how one can create a self-signed certificate and KeyStore in PKCS12. You can go through the previous blog, as we’ll be needing certificate and keystore  for handling HTTPS requests. https://blog.knoldus.com/2016/10/18/create-a-self-signed-ssl-certificate-using-openssl/ https://blog.knoldus.com/2016/10/26/how-to-create-a-keystore-in-pkcs12-format/ Akka-HTTP provides both Server-Side and Client-Side HTTPS support. In this blog I’ll be covering the Server-Side HTTPS support. Let’s start with “why do we need server-side HTTPS support?” If we want the communication between the browser and Continue Reading

How to create a KeyStore in PKCS12 Format.

Reading Time: 2 minutes In my last blog I explained how to create a self-signed SSL certificate. You can go through the previous blog and generate the certificate and private key as we’ll be needing it for creating a KeyStore. Create a self-signed SSL Certificate using OpenSSL. In this blog I’ll be explaining how one can create a KeyStore in PKCS12 Format using OpenSSL. Let’s start with “What is Continue Reading

Create a self-signed SSL Certificate using OpenSSL.

Reading Time: 3 minutes In this blog I’ll be giving a little bit of insight on SSL certificates and then how to create a self-signed certificate using OpenSSL. Let’s start with  “What is an SSL Certificate?“ SSL stands for Secure Socket Layer. SSL is a global standard technology that creates encrypted communication between web browser and web server. It helps to decrease the risk of losing your personal information(e.g passwords, emails, Continue Reading

Integrate JWT with Akka HTTP

Reading Time: 3 minutes In this article we will discuss about , how to implement  authentication or authorization in Akka HTTP routes using JWT . As we know Akka HTTP is full implementation of  server  and client side HTTP stack on top Akka actor and Akka stream . Now Let’s  we  talk about JWT. what is JWT ? JSON Web Token (JWT) is an open standard (RFC 7519) that defines Continue Reading

Knoldus Pune Careers - Hiring Freshers

Get a head start on your career at Knoldus. Join us!