Steve Poole is a DevOps practitioner (leading a large team of engineers on cutting edge DevOps exploitation ) and a long time IBM Java developer, leader and evangelist. He’s been working on IBM Java SDKs and JVMs since Java was less than 1. He's also had time to work on other things including representing IBM on various JSRs, being a committer on various open source projects including ones at Apache, Eclipse and OpenJDK. He’s also member of the Adopt OpenJDK group championing community involement in OpenJDK. Steve is a seasoned speaker and regular presenter at JavaOne and other conferences on technical and software engineering topics.
Java is everywhere. According to Oracle it’s on 3 billion devices and counting. We also know that Java is one of the most popular vehicles for delivering malware. But that’s just the plugin right? Well maybe not. Java on the server can be just at risk as the client.
In this talk we’ll cover all aspects of Java Vulnerabilities. We’ll explain why Java has this dubious reputation, what’s being done to address the issues and what you have to do to reduce your exposure. You’ll learn about Java vulnerabilities in general: how they are reported, managed and fixed as well as learning about the specifics of attack vectors and just what a ‘vulnerability’ actually is. With the continuing increase in cybercrime it’s time you knew how to defend your code. With examples and code this talk will help you become more effective in tacking security issues in Java.