Menu
Peaceful Sleeping In the Age Of Shells: How Tooling Can Help You Protect Your Code Base
Olimpiu is a technology executive, who balances his tech savviness with a focus on people and their wellbeing. A constant explorer of new technology trends, he enjoys digesting and spreading knowledge through podcasts or written articles. He is a strong believer in the power of communities and open source, getting involved in technical community building and curating content for conferences as program committee.
Even though he started working with Java in the days of the 1.4 JDK, lately he explored other ecosystems like JS and Go continuously trying to learn other languages and paradigms.
You can find content curated or written by him on JavaAdvent and InfoQ. For the daily dose of cybersecurity and open source 505updates.com.
Developer Advocate, Security Champion, DevOps practitioner (whatever that means) Long time Java developer, leader and evangelist. I’ve been working on Java SDKs and JVMs since Java was less than 1. JavaOne Rockstar, JSR leader and representation, Committer on open source projects including ones at Apache, Eclipse and OpenJDK. A seasoned speaker and regular presenter at international conferences on technical and software engineering topics.
Abstract
Log4Shell and SpringShell are just the vulnerabilities that managed to get everybody’s attention, but vulnerabilities that can be as harmful as them are also being discovered. This presentation will provide more information about the existing threats and where to stay informed about them and hint at a couple of tools that can help you keep your code base on products more secure. Â
In the first part, Steve Poole will present an extract of the data that Sonatype gathers daily regarding threats and explain what are the top vulnerabilities you need to be aware of.
In the second part, Olimpiu Pop will present a couple of tools that will allow you to automate the securing of your source code and supply chain.
