Securing Applications Isn't Just About Secure Code
All the common attacks we've known about for a very long time are still out there, and people still regularly make mistakes regarding them. If you want to write secure Java EE code and use the technology securely, you're on the right track. But there is a lot more to learn and know about securing your applications. There are also people and processes and how they best work together to build a suitable secure system. Derived from practice for use with everyday development such a system can make the Java EE space a little more secure.
Application Security Needs A Holistic Approach
To build a secure Java EE application, a holistic approach to application security is required and security must be applied at all layers and services. Even if everything else beside our own applications typically does not bother developers at all it becomes more important. Last but not least with the advent of DevOps. So, it doesn't hurt to be at least aware of everything that is going on around us. Let's start with the layer the farthest away. Secure applications rely on secure networks first of all. This includes everything from routeres, switches, firewalls or even application level firewalls. They need to be patched and correctly configured. Watch out for standard ports and passwords for admin consoles. Next is the operating system layer. Every part of your applications runs on a separate host eventually (Applicationserver, Database, Message Brokers), so you will have to watch out for latest patches and updates for all of them. But shared filesystems and possibly risky daemon processes are also something to watch out for. When you're done with that it is time to look at the platform services. This is where the JDK base-install fits in but also the application-server. Check policy files and default passwords for remote connections and web-based admin consoles.
From Here On, Application Security Starts
When the infrastructure is taken care of, we can look into application security. And it is typically divided up into six components: Authentication, Authorization, Auditing, Confidentiality, Integrity, Availability. All those components prevent your system from being exploited. A threat is a potential event that may affect your system. An attack exploits a vulnerability in your system. And ultimately this is what we want to prevent. Always adhere to the best practices for designing secure applications:
- Use least privilege
- Apply defense in depth
- Do not trust user input
- heck at the gate
- Fail securely
- Secure the weakest link
- Create secure defaults
- Reduce your attack surface
Watch the full talk on Vimeo to learn what Java EE has to offer around application security. And make sure to provide feedback in the comments and let me know, if there is anything else, you'd like me to talk about in the future.