Java is everywhere. According to Oracle it’s on 3 billion devices and counting. We also know that Java is one of the most popular vehicles for delivering malware. But that’s just the plugin right? Well, maybe not. Java on the server can be just at risk as the client.
In this talk we’ll cover all aspects of Java Vulnerabilities. We’ll explain why Java has this dubious reputation, what’s being done to address the issues and what you have to do to reduce your exposure. You’ll learn about Java vulnerabilities in general: how they are reported, managed and fixed as well as learning about the specifics of attack vectors and just what a ‘vulnerability’ actually is. With the continuing increase in cybercrime it’s time you knew how to defend your code. With examples and code this talk will help you become more effective in reducing security issues in Java.
Steve has been working on Java SDKs and JVMs since Java was less than 1 year old - that's a long time! His current role is Developer Advocate at Sonatype, the company who automates software supply chain security to accelerate developer innovation.
His credentials are equally long; Developer Advocate, Security Champion, DevOps practitioner (whatever that means), long time Java developer, leader and evangelist. JavaOne Rockstar, JSR leader and representation, committer on open source projects including ones at Apache, Eclipse and OpenJDK.
Steve is a seasoned speaker and regular presenter at international conferences on technical and software engineering topics.