• Security in Java, what do we need to know and how to keep our applications secure (#7)

  • Nov 19 2022
  • Duración: 1 h y 3 m
  • Podcast

Security in Java, what do we need to know and how to keep our applications secure (#7) Por arte de portada

Security in Java, what do we need to know and how to keep our applications secure (#7)

Escúchala gratis

Ver detalles del espectáculo

  • Resumen

  • For this Foojay Podcast, we invited security experts to dive into the fascinating world of secure coding and detecting vulnerabilities in your Java applications. How can you make and keep your systems safe? That's what we want to find out...

    Guests

    • Steve Poole (Sonatype, @spool167)
    • Brian Vermeer (Snyk, @BrianVerm, @brianverm@mastodon.social)
    • Anastasiia Voitova (Cossack Labs, @vixentael, @vixentael@mastodon.social)

    Podcast host

    • Erik Costlow (Azul, @costlow, @costlow@mastodon.social)

    Content

    • 00'00 Short intro and music
    • 00'15 Introduction about the topic of this podcast
    • 00'31 Introduction of the guests and host
    • 02'40 Foojay article written by Brain about dependencies
      • https://foojay.io/today/best-practices-for-managing-java-dependencies/
    • 05'02 XML parsers in Java
    • 05'55 "The more the merrier" versus "The less the better"
    • 06'30 Foojay article written by Brain about the role of Data Transfer Objects in security
      • https://foojay.io/today/how-to-use-java-dtos-to-stay-secure/
    • 09'10 Extending on DTOs: encryption in data provisioning
    • 11'10 Database entities versus DTOs and serialization
    • 12'25 Developers need to be trained more on security and take responsibility
    • 13'50 Don't design your own security solution
      • https://www.cossacklabs.com/blog/cryptographic-failures-in-rf-encryption/
    • 16'58 Cryptograpic dad joke... ;-)
    • 17'40 What are CVEs (Common Vulnerabilities and Exposures)
    • 20'40 Security in the layers of a Java environment
      • https://imagetragick.com/
    • 24'50 JAR signing
    • 26'40 CWE with the W of Weaknesses and OWASP
      • https://owasp.org/www-project-top-ten/
      • https://www.exploit-db.com/
    • 29'40 How to evaluate vulnerability scores
      • https://foojay.io/today/java-security-log4j-the-securitymanager-and-funding/
    • 31'23 CVEs as Pokemon, "You gotta catch them all" workshop
    • 32'20 How to be able to fix vulnerabilities
    • 33'57 About the recent critical SSL vulnerability
    • 36'02 Libraries are linked (integrated) into a Java project
      • https://github.com/quarkusio/quarkus/issues/14904
    • 38'15 Security is an educational thing and understand your tools
    • 39'90 Role of the different players in a team
    • 46'32 Can the JVM itself be more secure
    • 49'44 Make the JVM aware of vulnerable code
    • 51'10 Security insights in IoT devices
      • https://www.cossacklabs.com/case-studies/iiot-security-a-hive-and-a-queen/
    • 1h01'30 Developers should learn about defending depth
    • 1h02'10 Conclusion
    Más Menos
activate_primeday_promo_in_buybox_DT
Educación Política y Gobierno
Más Menos

Lo que los oyentes dicen sobre Security in Java, what do we need to know and how to keep our applications secure (#7)

Calificaciones medias de los clientes

Reseñas - Selecciona las pestañas a continuación para cambiar el origen de las reseñas.

Reseñas de Audible.com

Opiniones de Amazon
No hay comentarios disponibles