Security & PrivacyConference45min
The Hidden Security Hazards in Your Java Stack
This session exposes common security pitfalls in cloud-native Java development, such as unsafe dependencies, unverified containers, and overreliance on AI or internet code. Through real-world examples and live demos, attendees learn practical techniques to identify and mitigate these risks, ensuring safer and more secure cloud-native Java applications.
talk.summaryAiDisclaimer
Brian VermeerSnyk
talkDetail.whenAndWhere
Thursday, April 23, 15:40-16:25
Paris 242AB
Building cloud-native Java apps feels smooth. You move fast, code freely, and ship often. But that same vibe coding mindset can open the door to serious security problems. Copying code from the internet or trusting your AI assistant too much can introduce unsafe logic. Adding libraries without checking them and running container images you did not build can silently expose your application to attacks.
In this session, you will see how modern Java stacks become vulnerable through real-world examples and live hacking. From untrusted dependencies to misconfigured containers, we will explore the common traps developers fall into. You will walk away with practical techniques to spot these risks early and keep your code secure in the cloud-native world.
In this session, you will see how modern Java stacks become vulnerable through real-world examples and live hacking. From untrusted dependencies to misconfigured containers, we will explore the common traps developers fall into. You will walk away with practical techniques to spot these risks early and keep your code secure in the cloud-native world.
Brian Vermeer
Staff Developer Advocate for Snyk, Java Champion, and Software Engineer with over a decade of hands-on experience in creating and maintaining software. He is passionate about Java, (Pure) Functional Programming and Cybersecurity. Brian is a JUG leader for the Virtual JUG and the NLJUG. He also co-leads the DevSecCon community and is a community manager for Foojay. He is a regular international speaker on mostly Java-related conferences like JavaOne, Devnexus, Devoxx, Jfokus, JavaZone and many more. Besides all that, Brian is a military reserve for the Royal Netherlands Air Force and a Taekwondo Master / Teacher.
