Struts 2 Cybersecurity Flaw Affects All Versions

  Veracode Reports New Apache Struts 2 Security Problem From Veracode: “On Aug. 22 [2018], the Apache Software Foundation announced that a new critical remote code execution vulnerability was found in Apache Struts 2 (CVE-2018-11776). According to the Semmle Security Research Team, who first identified and reported the vulnerability, this flaw is ‘more critical’ than the Struts vulnerability behind the massive data breach...

Read More

Struts 2 Does Not Solve the Security Problem – Moving to Spring Does

Struts 1 is End of Life Apache has made it clear that if you are using Struts 1, you need to move. The question was asked, “Given a major security problem or a serious bug is reported for Struts 1 in [the] near future, can we expect a new release with fixes?” Apache’s answer:
“As of now, actually no – that is what the EOL announcement essentially is about. Since the end of support is reached, you will either need to find...

Read More

Migrating Struts to Spring

  What’s Wrong With Struts? If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies. Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth...

Read More

COTS Software

A Matter of Approach Program managers are faced with choosing between custom software development or the implementation of COTS Software to meet complex system requirements. ResQSoft’s adaptive reuse technology is equally proficient at developing custom applications from scratch or leveraging Commercial Off The Shelf (COTS) Software to build these systems. The key to success is our approach. Minimizing Risk The COTS Software approach is...

Read More

System-to-System Integration

What Does Integration Mean? At the most basic level, system-to-system integration means that one system can use information from another system, or that they can exchange information. In many older systems, this means that one system creates a file and sends it to the other system, usually by File Transfer Protocol (FTP) or Secure File Transfer Protocol (SFTP). In more modern systems, integration may not just mean exchanging data. It may also...

Read More