Kafka Cluster Setup with Docker and Docker Compose

Today I’m going to show you how to setup a local Apache Kafka cluster for development using Docker and Docker Compose.I assume you have a basic understanding of Docker and Docker Compose and already got it installed. So let’s get started. What is Apache Kafka?Kafka was initially developed at LinkedIn as a messaging queue. It […]
Sascha Müller
Sascha Müller
comment icon 0 20.05.2021

How to train your transformer

In this blogpost I describe a transformer project, how I proceeded, the results, the pitfalls and more. At the end of the post I will repeat all salient points in a TL;DR, so if you are short of time, just skip ahead. The transformer is currently the hottest Deep Learning model. Introduced in 2017, it […]
Dr. Philipp Bongartz
Dr. Philipp Bongartz
comment icon 0 27.04.2021

Security advisory for path traversal in pixx.io

Path traversal is a security vulnerability (CWE-23: Relative Path Traversal), that can be abused by attackers to get unauthorized access to files.Web applications often include or offer downloading files that are stored on the web server. These files can be referenced by a relative or absolute path. For example, an URL with a reference to […]
Florian Weller
Florian Weller
comment icon 0 26.04.2021

Customize react-leaflet-draw

You are using React? You want to implement the functionality to draw on a map? You are already using react-leaflet-draw, but want to customize some things?When your answer to the first two questions is yes, the next section of this article will give you advice which possibilities react-leaflet-draw and leaflet-draw offer you, but other frameworks […]
Christian Zielke
Christian Zielke
comment icon 0 27.01.2021

Security advisory for open redirect in Vodafone components

Open redirect is a security vulnerability (CWE-601: URL redirection to untrusted site), that can be abused by attackers to forward users to dangerous pages.A web application receives a query parameter with a location, which is normally some kind of internal resource or URL, and sends a HTTP response with status code 301 or 302 with […]
Sebastian Schwegler
Sebastian Schwegler
comment icon 1 21.01.2021

Warum selbst das beste Tool einen echten Penetrationstest nicht ersetzen kann

Beim Durchführen von Penetrationstests erlebt man immer wieder Überraschungen und findet Fehler, die man sich in seinen kühnsten Träumen nicht vorstellen kann. So auch bei einem eigentlich ganz normalen Penetrationstest für einen Kunden.Zu testen war eine digitale Plattform, die einen Produktpreis sowie einen Rabattfaktor mit vertretungsberechtigten Personen verknüpft, sodass diese Personen dann mit den verknüpften […]
Sebastian Schwegler
Sebastian Schwegler
comment icon 1 03.11.2020

Memory leaks from CDI

The usual way of dependency injection with CDI using @Inject offers an extremely efficient mechanism to supply an object with its dependencies. However, there are scenarios where a dynamic version of dependency injection is required. For those cases, CDI offers javax.enterprise.inject.Instance, an interface that allows for the dynamic injection of new instances at runtime on […]
Fabian König
Fabian König
comment icon 0 19.06.2020

Statische Codeanalyse: Xanitizer und RIPS im Vergleich

SAST, was für static application security testing steht, ist eine Phase im Software Development Lifecycle (SDL). Ziel dieser Phase ist es, frühzeitig Sicherheitslücken in Softwarecode zu erkennen, sodass diese gar nicht erst in nachgelagerte Systeme gelangen. Neben der statischen Analyse wird auch noch die dynamische Analyse praktiziert, diese setzt jedoch ein lauffähiges Programm voraus.SAST ist […]
Sebastian Schwegler
Sebastian Schwegler
comment icon 0 17.06.2020

Why does the Covid-19 fatality rate vary so much between countries?

This blog post is a data exploration in the context of an internship. We will apply data science methods to Covid-19 data to give a little insight into both data science and the Covid-epidemic. We will present some simple methods and encounter some typical pitfalls – and hopefully unearth some interesting facts.The Covid-19 data we […]
Dr. Philipp Bongartz
Dr. Philipp Bongartz
comment icon 0 10.06.2020

A peek into Automated Machine Learning

A typical Machine Learning (ML) problem is about prediction such as in Forecasting for data-driven decision making or Credit Risk Analysis Using Machine Learning. If the predicted value is a real number, we use regression. For discrete labels (like TRUE and FALSE or WARM and COLD) we use classification. In order to train a machine […]
Felix Kaus
Felix Kaus
comment icon 0 21.01.2020

Credit Risk Analysis Using Machine Learning

Approving loans without proper scientific evaluation increases the risk of default. This can lead to bankruptcy of lending agencies and consequently the destabilization of the banking system. This is what happened in the 2008 financial crisis which affected the world economy adversely. Three components decide the amount of loss that a firm faces as a […]
Dr. Dibyajyoti Dutta
Dr. Dibyajyoti Dutta
comment icon 0 10.12.2019

Using Word Embeddings for Business Insights

Transforming raw text into applicable business insights for data-driven decision making is not a trivial task. Following the Natural Language Processing (NLP) breakthrough of a Google research team on Word Embeddings, words or even sentences are efficiently represented as vectors (please refer to Mikolov et al., 2013a, and Mikolov et al., 2013b).Given these vectors, unstructured […]
Felix Kaus
Felix Kaus
comment icon 1 30.10.2019

So sorgen Sie für mehr Sicherheit im Software Development Lifecycle

SDLC steht für Software Development Lifecycle (dt. Software-Lebenszyklus). Ein SDLC ist im Wesentlichen eine Reihe von Schritten oder Phasen, die einen Rahmen für die Entwicklung von Software und deren Verwaltung über den gesamten Lebenszyklus bieten. Obwohl es nicht nur eine Technik oder Möglichkeit gibt, Anwendungen und Softwarekomponenten zu entwickeln, gibt es etablierte Methoden, die von [...]
Javan Rasokat
Javan Rasokat
comment icon 0 19.08.2019

Data science and machine learning applications for business success

In the last years technologies such as data science, artificial intelligence and predictive analytics have become increasingly popular. The academic field behind these technologies is called machine learning. The core idea is that the computer (the machine) learns autonomously from data and generates business insights and leads to data-driven decision making. In this article we […]
Oliver Weisse
Oliver Weisse
comment icon 0 11.06.2019