File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

General question on preventing malicious code promotion

 
Thomas Kennedy
Ranch Hand
Posts: 137
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Where can I look for guidance on the general question of how to prevent malicious code from being added to an EAR before it is promoted to the server?
 
Tim McGuire
Ranch Hand
Posts: 820
IntelliJ IDE Tomcat Server VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How is the malicious code being introduced?

Are you looking for a way to scan the code before it is deployed, or a way to prevent malicious people from breaking into your code base and adding their code?
 
Thomas Kennedy
Ranch Hand
Posts: 137
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Good question. This request is from our customer and I'm not sure they know what their concern is. I would say, scanning for nasties before the code is promoted is what is on their mind.
 
Tim McGuire
Ranch Hand
Posts: 820
IntelliJ IDE Tomcat Server VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OWASP has a page about this:
https://www.owasp.org/index.php/Source_Code_Analysis_Tools

are you using some kind of build and deploy tool like Jenkins?
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic