yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
In many cases, the end of the year gives you time to step back and take stock of the last 12 months. This is when many of us take a hard look at what worked and what did not, complete performance reviews, and formulate plans for the coming year. For me, it is all of those things plus a time when I u...
I really like the CERT books. This one is no different, however, it is not one to read from cover to cover, at least not for me. It contains a catalog of rules for programming secure java code. What I have been doing is using it to look up rules about topics found in other resources that I have been using to learn the java environment.
Although the book contains a great index, there is an online version of this book which is really nice. It contains a really sweet search. I have been using that a lot to find the topics I am interested in, marking them in the book, and then reading about them in the book. The online version of the book contains all the code samples found in the book.
The is a nice introduction that you will want to completely read. It gives a really nice overview of java programming security issues and introduces the concepts that can make it safer. The concepts in this chapter introduce the chapters that contain the details rules.
After the introduction the book contains the following chapters. Input Validation and Data Sanitization, Declarations and Initialization, Expressions, Numeric Types and Operations, Object Orientation, Methods, Exceptional Behavior, Visibility and Atomicity, Locking, Thread APIs, Thread Pools, Thread-Safety Miscellaneous, Input Output, Serialization, Platform Security, Runtime Environment, and Miscellaneous.
There are a ton of nice code samples which show the commonly implemented noncompliant solutions and then the compliant solutions. I mentioned above they are all available online.
Although there is a free online version, I am not one to read e-books or anything on the computer I don't have to. I am on it way too much to want to read on it when I don't have to.
I find the author's writing style makes the book an easy read. It is also in a very nice format. Each chapter starts with a list of the rules it covers and a risk assessment summary. They then cover the rules and end with related guidelines and bibliography.
The thing I like most about the book is that although it makes it clear that it does not cover Design and Architecture, Content, Coding style, Tools, and Controversial Rules, I still believe all these areas will improve if you use the advice found in book.
All in all I highly recommend this book to every Java programmer.
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used t...
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Mana...
We all know that end users experience the internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your custom...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood pract...
Without lifecycle traceability and visibility across the tool chain, stakeholders from Planning-to-Ops have limited insight and answers to who, what, when, why and how across the DevOps lifecycle. This impacts the ability to deliver high quality software at the needed velocity to drive...
"DivvyCloud as a company set out to help customers automate solutions to the most common cloud problems," noted Jeremy Snyder, VP of Business Development at DivvyCloud, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.