Menu
Why this workshop?
Security issues and cybercrime are rising to an alarming rate. As a Java web developer, you should be aware of how important security and securing your client’s data is. In this workshop, you will become the hacker and exploit vulnerabilities in packages that exist in the wild that might be part of your Java applications today. We will also show you how to protect yourself from these threats by building up a pipeline and development workflow with security testing in mind. This practical hands-on session will be fun and leave you with actionable takeaways on how to implement DevSecOps and prepare against the big bad world.
Why attend this workshop
security is something that should be incorporated from the start, not as an afterthought
learn about common vulnerabilities and problems in Java applications and how you can mitigate this
take a deep dive into actionable steps you can take to find security vulnerabilities early and often
Who is it for?
software engineers working on production systems in Java
any developer that agrees that security is essential and that it is a shared responsibility
active learners that want to know how to incorporate security in a scalable way
people that like to see live exploits and learn how to prevent them in their own applications
What will you learn?
security is more than authentication and authorization
core security concepts every developer should know
spot common code constructions that lead to vulnerabilities in your applications
security vulnerabilities that come from third-party libraries in
tooling that can be used to find and fix security problems
building a secure pipeline for your application to mitigate security issues
Technical requirements:
JDK 11 installed
Maven installed
decent IDE (preferably IntelliJ Community or Ultimate latest version)
unrestricted access to your work machine
a Github account with unrestricted access
Docker desktop installed
Who is the trainer?​
Brian Vermeer is Staff Developer Advocate for Snyk, Java Champion, and Software Engineer with over a decade of hands-on experience in creating and maintaining software. He is passionate about Java, (Pure) Functional Programming and Cybersecurity. Brian is a JUG leader for the Virtual JUG and the NLJUG. He also co-leads the DevSecCon community and is a community manager for Foojay. He is a regular international speaker on mostly Java-related conferences like JavaOne, Devnexus, Devoxx, Jfokus, JavaZone and many more. Besides all that, Brian is a military reserve for the Royal Netherlands Air Force and a Taekwondo Master / Teacher.
