Authors

Mansi Sheth

Mansi Sheth is a Principal Security Researcher at Veracode Inc. In her career, she has been involved with breaking, defending and building secure applications. Mansi researches various languages and technologies, finding insecure usages in customer code and suggests automation measures in finding vulnerabilities for Veracode's Binary Static Analysis service. She is an avid traveller with the motto "If not now, then when?”

Posts by Mansi Sheth

Java Crypto Libraries Go Modular

October 5, 2018

To complement my recent Java Crypto blog series ("How to get Started Using Java Cryptography Securely", "Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)", "Encryption and Decryption in Java Cryptography", "Message Digests, aka Hashing Functions"), I have been referencing corresponding working code on the GitHub repository. I am happy to announce a brand-new, shiny, modularized,... READ MORE›

Stay up to date on Application Security

Message Digests, aka Hashing Functions

June 13, 2017 | Secure Development

This is the fourth entry in a blog series on using Java cryptography securely. The first entry provided an overview covering architectural details, using stronger algorithms and debugging tips. The second one covered Cryptographically Secure Pseudo-Random Number Generators. The third entry taught you how to securely configure basic encryption/decryption primitives. This... READ MORE›

Encryption and Decryption in Java Cryptography

April 18, 2017 | Secure Development

This is the third entry in a blog series on using Java cryptography securely. The first entry provided an overview covering architectural details, using stronger algorithms, and debugging tips. The second one covered Cryptographically Secure Pseudo-Random Number Generators. This entry will teach you how to securely configure basic encryption/decryption primitives. This blog... READ MORE›

Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)

March 29, 2017 | Research

Skip to the tl;dr This is the second entry in a blog series on using Java cryptography securely. The first entry provided an overview and covered some architectural details, using stronger algorithms and some debugging tips . This entry covers Cryptographically Secure Pseudo-Random Number Generators. This blog series should serve as a one-stop resource for anyone who needs to implement... READ MORE›

How to Get Started Using Java Cryptography Securely

March 17, 2017 | Secure Development

Skip to the tl;dr Cryptography is the backbone of today's information systems. Its applications are all around us: secure email communications, storage of our login credentials, digital cash and mobile payments, to name just a few. Cryptography is one of the most complicated topics in information security, but the good news is we already have well-defined algorithms, implementations and protocols... READ MORE›

Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.

*Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.

**Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.