There's a good chance you're using a CDN, or at least depending on some third party to provide scripts (perhaps for analytics). How do you know the browser has fetched the correct resource? How can you prevent the script from loading if it changes? That's where Subresource Integrity comes in.
HTTP Strict Transport Security
Do you want to ensure that your users only access you site securely, even if they're using old links that explicitly tell them to use HTTP? That's exactly what HSTS is designed to address.
Web Security Series
A series of articles on web security techniques, IETF specifications and W3C recommendations. Each article focuses on one topic explaining what it is, how it works, and why you should care
Updates to dropwizard-cassandra
Two new releases are available with support for Dropwizard 1.0, Java 8, and the latest Cassandra driver