Security in Java, what do we need to know and how to keep our applications secure (#7)
For this Foojay Podcast, we invited security experts to dive into the fascinating world of secure coding and detecting vulnerabilities in your Java applications. How can you make and keep your systems safe? That's what we want to find out...
Guests
- Steve Poole (Sonatype, @spool167)
- Brian Vermeer (Snyk, @BrianVerm, @brianverm@mastodon.social)
- Anastasiia Voitova (Cossack Labs, @vixentael, @vixentael@mastodon.social)
Podcast host
- Erik Costlow (Azul, @costlow, @costlow@mastodon.social)
Content
- 00'00 Short intro and music
- 00'15 Introduction about the topic of this podcast
- 00'31 Introduction of the guests and host
- 02'40 Foojay article written by Brian about dependencies
- 05'02 XML parsers in Java
- 05'55 "The more the merrier" versus "The less the better"
- 06'30 Foojay article written by Brian about the role of Data Transfer Objects in security
- 09'10 Extending on DTOs: encryption in data provisioning
- 11'10 Database entities versus DTOs and serialization
- 12'25 Developers need to be trained more on security and take responsibility
- 13'50 Don't design your own security solution
- 16'58 Cryptographic dad joke... ;-)
- 17'40 What are CVEs (Common Vulnerabilities and Exposures)
- 20'40 Security in the layers of a Java environment
- 24'50 JAR signing
- 26'40 CWE with the W of Weaknesses and OWASP
- 29'40 How to evaluate vulnerability scores
- 31'23 CVEs as Pokemon, "You gotta catch them all" workshop
- 32'20 How to be able to fix vulnerabilities
- 33'57 About the recent critical SSL vulnerability
- 36'02 Libraries are linked (integrated) into a Java project
- 38'15 Security is about education and understanding your tools
- 39'90 Role of the different players in a team
- 46'32 Can the JVM itself be more secure
- 49'44 Make the JVM aware of vulnerable code
- 51'10 Security insights in IoT devices
- 1h01'30 Developers should learn about defense in depth
- 1h02'10 Conclusion