In today's fast-paced modern application development, there are many areas where developers need to stay vigilant about security risks. For example, while open source modules are undoubtedly awesome, they also represent an undeniable and massive risk. You're introducing someone else's code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your users' data. Equally, that line of code you wrote yesterday may just be the vulnerability that lets a hacker in tomorrow. You have heard about the OWASP Top 10, and you might be able to spot SQL injections in your code, but you're no security expert. You could be one vulnerability away from a severe system compromise. This talk lets you know you're not alone! We'll use a sample application, Goof, which uses various vulnerable dependencies and itself contains security issues in its code. We will exploit issues as an attacker would in the real world, and for each issue we'll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.
Bio: Simon Maple is the Field CTO at Snyk, a Java Champion since 2014, JavaOne Rockstar speaker in 2014 and 2017, Duke's Choice award winner, Virtual JUG founder and organiser, and London Java Community co-leader. He is an experienced speaker, having presented at JavaOne, DevoxxBE, UK, & FR, DevSecCon, SnykCon, JavaZone, Jfokus, JavaLand, JMaghreb and many more including many JUG tours. His passion is around user groups and communities. When not traveling, Simon enjoys spending quality time with his family, cooking and eating great food.