Mansi Sheth

Mansi Sheth is a Principal Security Researcher at Veracode Inc. In her career, she has been involved with breaking, defending and building secure applications. Mansi researches various languages and technologies, finding insecure usages in customer code and suggests automation measures in finding vulnerabilities for Veracode's Binary Static Analysis service. She is an avid traveller with the motto "If not now, then when?”

Posts by Mansi Sheth
  • Java Crypto Catchup
    November 16, 2020  | Research
    Java Crypto Catchup

    In 2017, we started a blog series talking about how to securely implement a crypto-system in java. How to Get Started Using Java Cryptography Securely touches upon the basics of Java crypto, followed by posts around various crypto primitives Cryptographically Secure Pseudo-Random Number Generator (CSPRNG), Encryption/Decryption, and Message Digests. We also released a Java Crypto Module for… READ MORE

Stay up to date on Application Security

  • Java Crypto Libraries Go Modular
    October 5, 2018
    Java Crypto Libraries Go Modular

    To complement my recent Java Crypto blog series ("How to get Started Using Java Cryptography Securely", "Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)", "Encryption and Decryption in Java Cryptography", "Message Digests, aka Hashing Functions"), I have been referencing corresponding working code on the GitHub repository. I am happy to announce a brand-new, shiny, modularized,… READ MORE

  • Message Digests, aka Hashing Functions
    June 13, 2017  | Secure Development
    Message Digests, aka Hashing Functions

    This is the fourth entry in a blog series on using Java cryptography securely. The first entry provided an overview covering architectural details, using stronger algorithms and debugging tips. The second one covered Cryptographically Secure Pseudo-Random Number Generators. The third entry taught you how to securely configure basic encryption/decryption primitives. This post will teach you about… READ MORE

  • Encryption and Decryption in Java Cryptography
    April 18, 2017  | Secure Development
    Encryption and Decryption in Java Cryptography

    This is the third entry in a blog series on using Java cryptography securely. The first entry provided an overview covering architectural details, using stronger algorithms, and debugging tips. The second one covered Cryptographically Secure Pseudo-Random Number Generators. This entry will teach you how to securely configure basic encryption/decryption primitives. This blog series should serve as… READ MORE

  • Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)
    March 29, 2017  | Research
    Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)

    Skip to the tl;dr This is the second entry in a blog series on using Java cryptography securely. The first entry provided an overview and covered some architectural details, using stronger algorithms and some debugging tips . This entry covers Cryptographically Secure Pseudo-Random Number Generators. This blog series should serve as a one-stop resource for anyone who needs to implement a crypto-… READ MORE

  • How to Get Started Using Java Cryptography Securely
    March 17, 2017  | Secure Development
    How to Get Started Using Java Cryptography Securely

    Skip to the tl;dr Cryptography is the backbone of today's information systems. Its applications are all around us: secure email communications, storage of our login credentials, digital cash and mobile payments, to name just a few. Cryptography is one of the most complicated topics in information security, but the good news is we already have well-defined algorithms, implementations and protocols… READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

No thanks, back to the article please.