Java is great and we all spend time on making it more performant, more scalable and maintainable. But we better should also spend some time on making it more secure. With all that new Java releases and features also come new vulnerabilities and exploits. Because Java is everywhere, it has a huge attack surface which makes it interesting for hackers to search for vulnerabilities in Java and foremost in Java based applications. This sessions will explain what all these mystique acronyms like NVD, CVE, CVSS, CPU, PSU etc. mean and how they are related to Java security. It will also be shown what tools are available to you to check whether your Java application is vulnerable to known issues.
Gerrit Grunwald is a software engineer that loves coding for around 40 years already. He is a true believer in open source and has participated in popular projects like JFXtras.org as well as his own projects (TilesFX, Medusa, Enzo, SteelSeries Swing, SteelSeries Canvas, JDKMon).
Gerrit blogs regularly at http://harmonic-code.org, he is an active member of the Java community, where he founded and leads the Java User Group Münster (Germany), he is a JavaOne rockstar and a Java Champion. He is a speaker at conferences and user groups internationally and writes for several magazines.