Tag: Best practices

The key to security is to ensure that your most sensitive data is handled with proper controls in place. This should include working with your architects to explore the architecture of applications that handle the most critical data, starting from the data elements themselves and fanning out via impact diagrams (for example, CAST does this with the Application Intelligence Platform). Over time, your team will be able to establish secure architecture components that should handle all sensitive data.
Following Best Practices to Achieve Application Security & Reduce Risk

I’ve recently been involved in helping CAST Research Labs analyze a large sample of Java EE applications (496 apps), looking to understand the impact of different frameworks on application structural quality. We analyzed these applications using CAST’s Application Intelligence Platform (AIP) to identify critical violations of architectural and coding practices. While looking at the critical violations that were detected by CAST, something struck me: The success ratio (i.e. the ratio between the number of times a rule is violated and the number of opportunities this rule could have been violated) for rules associated to Hibernate was particularly low, indicating issues related to performance and robustness for applications using this framework. (The details of the report will be published next week – we presented a preview of the analysis during a webinar in January.)

Using Hibernate Frameworks: What Are the Best Practices?