Live Hack: Finding Security Vulnerabilities Before They Find You!

30 Jul

5:00 pm, London

Description

Watch the live session broadcast on https://www.virtualjug.com

This is a virtual Meetup occurring at 5PM UK time (GMT). Just click to join when the time comes! The recording will be available immediately afterward.

Here’s a timezone calculator: https://www.timeanddate.com/worldclock/fixedtime.html?msg=vJUG+Live+Hack%3A+Finding+Security+Vulnerabilities+Before+They+Find+You%21&iso=20190730T17&p1=136&ah=1

Take part in the live session discussion on our slack channel: https://bit.ly/2ramaDW

Abstract:

Open source modules are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your users’ data.

This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it. We’ll live hack exploits like the classic Struts vulnerability that recently made it famous, along with Spring Break and several others.

Speaker: Brian Vermeer (@BrianVerm)

Brian is a Developer Advocate for Snyk and Software Engineer with over 10 years of hands-on experience in creating and maintaining software. He is passionate about Java, (Pure) Functional Programming and Cybersecurity. Brian is an Oracle Groundbreaker Ambassador, Utrecht JUG Co-lead, Virtual JUG organizer and Co-lead at TheSecureDeveloper. He is a regular international speaker at mostly Java-related conferences like JavaOne, Oracle Code One, Devoxx BE, Devoxx UK, Jfokus, JavaZone and many more. Besides all that, Brian is a military reservist for the Royal Netherlands Air Force and a Taekwondo Master / Teacher.
