How to manage security for spring boot apps?

Jun. 19th, 2017 12:40 pm
reddragdiva: (geek)
[personal profile] reddragdiva

Dear Lazyweb! How do you manage keeping spring boot applications up to date?

We run an arseload of Java webapps. Our devs have taken a strong liking to spring boot, where everything including the Tomcat is uploaded as a JAR. A delight for them, but somewhat of a concern for the sysadmins who are the people first dealing with security issues.

So I've been asked to come up with recommendations to deal with this, and I haven't a clue as to how to do this other than laborious iterative checking, or automated versions thereof. Nor can I find recommendations.

Has anyone else got this problem or one like it? (Where applications are uploaded as a package that then runs.) What do you do?

From:
Anonymous (will be screened)
OpenID (will be screened if not on Access List)
Identity URL: 
User (will be screened if not on Access List)
Account name:
Password:
If you don't have an account you can create one now.
Subject:
HTML doesn't work in the subject.

Message:

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.

Profile

reddragdiva: (Default)
divabot
My Website

July 2018

S M T W T F S
1234567
891011121314
15161718192021
22232425262728
29 3031    

Style Credit

Expand Cut Tags

No cut tags
Top of page