Spring SQL Injection Guide: Examples and Prevention

Introduction: As hackers find increasingly creative ways to attack applications, organizations must try to stay one step ahead in protecting themselves, even from the most common types of attacks and across a variety of frameworks. Let’s start this post with a few definitions. SQL Injection: SQL injection is a common way that hackers and users with malicious intentions attempt to hack applications. In an SQL injection, they “inject” values into a database query in order to gain visibility into the database’s structure and eventually gain access to personal data stored in the …

Agile Project Management: The Field Guide

Software projects differ from projects in other engineering disciplines. For instance, if you think about a construction project that’s late and off schedule, you’ll (rightfully) think that adding more construction workers to the pool of employees working on the project will speed things up. The same happens for software projects, no? Well, no. It doesn’t. As described in the seminal book The Mythical Man-Month, “Adding manpower to a late software project makes it later” (p. 25). How can that be? This post is about agile project management in software projects and will try to …

SQL vs NoSQL Performance: Where One Outperforms the Other

NoSQL databases have taken the world by storm in recent years. What started as a niche phenomenon grew to rival the popularity of the “old” SQL relational databases. However, relational databases still have their use cases and are not going to disappear anytime soon. In this post, I’ll discuss the differences between SQL and NoSQL databases and do an analysis of their respective performance. Lastly, I’ll give a list of use cases for which one is better than the other and vice versa. What Are SQL Databases? SQL databases, or relational databases, …

Column-Oriented Database Examples: A Helpful List

Column-oriented databases have seen a resurgence in interest in recent years. The first column-oriented databases appeared decades ago. However, they have never gained a lot of traction in the market. In recent years, though, big data and cloud computing spurred a new interest in these types of databases. The reason for this is that the unique implementation of columnar databases fits surprisingly well into the workloads and applications run in cloud computing. More on this below. In this post I’ll discuss the following: What are column-oriented databases? How do they differ from …

Tips for Optimizing Apps Running in Heroku

Heroku is a popular platform-as-a-service (PaaS) cloud that allows you to run your applications in a serverless manner. This post is about optimizing applications running in Heroku: making them run faster, giving them better security, and generally fine-tuning them. What Is Heroku? Heroku was the front-runner in the relatively new field of PaaS providers. It was among the first companies to offer a fully serverless solution. Heroku offered developers the ability to concentrate on writing their code rather than managing and tuning the running environment of their applications. Essentially, it removed the …

How to Facilitate a DevOps Culture in Your Organization

DevOps has taken the world by storm in recent years. The job boards, forums, Facebook groups, etc. are all exploding with DevOps positions, DevOps tools and DevOps events. This post is about best practices in facilitating a DevOps culture in your organization. It’s easier to do your job as a DevOps expert when everyone is on board. DevOps best practices for facilitating a DevOps culture in your organization. Best practice #1 – get the management team on board. You certainly know your craft well: you can deploy CI/CD Jenkins pipelines with your …

Using H2 as in memory database for unit/component tests instead of MySQL


So following my recent post regarding the creation of a component test framework – let’s take a closer look at the use case of using H2 as a lightweight in-memory database instead of MySQL for your unit/component tests. Benefits of using H2 instead of MySQL: It makes a lot of sense to use H2 in the context of component tests instead of MySQL: You can create and destroy a DB/table/data on the fly – once the tests are done, the DB disappears. Compare this to having to manually roll back every change …