Rich Web Experience

In the Spotlight - Dean H. Saxe

Managing Consultant at Foundstone

Dean H. Saxe is a Managing Consultant at Foundstone, A Division of McAfee, where he is responsible for conducting web application penetration testing, threat modeling, code reviews, secure software development lifecycle (S-SDLC) design and implementation, and project management. Prior to joining Foundstone, Dean spent more than 8 years developing web applications in Java and ColdFusion in a variety of industries. While working in the banking sector, Dean's interest in application security was sparked and has grown steadily over the past five years. Dean also provides client education services as a lead instructor of these Foundstone courses: Building Secure Software, Writing Secure Code: Java/J2EE, and Writing Secure Code: ColdFusion. Dean holds the CISSP and Certified Ethical Hacker designations.

When not working, Dean enjoys hiking, cooking, homebrewing and traveling the world.

Presentations by Dean H. Saxe

Application Security Part 1: Stop the Bleeding

This session is geared for those who are ready to take the first steps towards securing their applications with minimal cost and effort. Most development teams know that they have not given security the attention it deserves, but also don't know where to begin. Should you run a scanning tool, go to security training, or just bury your head in the sand and pretend everything is OK?


What You Don't Know About Cryptography

This session provides a gentle introduction to cryptography, then covers the many subtle mistakes that even experienced developers make when writing cryptographic code.


Application Security Part 2: Building a Software Security Program

This session provides a comprehensive, flexible plan for baking security into the software development lifecycle. First off, we will talk about why you would want to do such a thing and how to get support for it. Then the discussion will turn to the practical aspects of planning and implementing a secure SDLC, covering all aspects of people, process, and technology.


How to Do a Security Code Review

This session is a hands-on exercise in Java code review that will cover both manual and automated techniques. If you envision code review as a line-by-line slog through thousands of programs, you will be surprised to learn some effective techniques that reduce the tedium and increase your enjoyment of this activity (well, maybe not the enjoyment part). Familiar methods such as pair programming and peer reviews are a great place to start and will immediately increase the security of your code base.