My work experience at Surevine

By Ben Girvan My GCSE year was cut short by the COVID-19 pandemic. Instead of the usual 6 weeks summer holiday to fill, I found myself having to fill close to 6 months of holiday whilst also being kept away from my friends. I had put a huge amount of effort into my GCSE revision … Continued

User Story Analysis

The Problem There is a very common interaction that I’ve seen repeated in pretty much every project in every company I have ever worked for. It’s when a tester logs a bug and the developer argues that, actually, it’s working how it is supposed to work. The result of this is often a passive aggressive … Continued

Protocol Breaks

Little Bobby Tables Back in the day – and even today – one of the most common security flaws in websites was a “SQL Injection”. It’s where an attacker uses especially crafted data and puts it into innocent-looking fields within a form that are then used to construct a database query. Or, as XKCD readers … Continued

DRY principle with docker-compose

An oft-repeated and sensible principle in software engineering is DRY, or “don’t repeat yourself”. Here we will apply this principle to Docker compose files.

Building Docker images with Maven

To package our application, we’re going to be using Docker. The natural build language for Docker images are Dockerfiles, so we will use Spotify’s Dockerfile Maven plugin. This post is part of the “Spring Boot Primer” series. To make packaging as simple as possible, we will bind the Maven plugin’s build phases to the default build phases, so … Continued

Spring Boot 2.0 primer

Spring Boot is a very popular Java framework for creating standalone, production ready web applications. In this series of blog posts, we are going to walk through using Spring Boot 2.0 to build and deploy a simple CRUD REST application.

Keeping an eye on your website

I recently got embroiled in a discussion about NHS IT, and commented how people in the NHS need simple, cheap tools to help keep their head above water on maintaining systems, not necessarily complex security tooling. One practical example raised was website security, with a quick Google search revealing a number of websites under the … Continued

A Problem Shared

By the end of Friday, the first wave of the WannaCry Ransomware attack was over – a researcher (MalwareTechLab) had, in trying to gain further insight into the attack, inadvertently disabled its worst damage, preventing it “detonating”. The researcher wasn’t working alone – in fact, he was working alongside researchers all across the UK and … Continued