Abstract
Wargames - Java vulnerabilities and why you should care
Java is great and we all spend time on making it more performant, more scalable and maintainable. But we better should also spend some time on making it more secure. With all that new Java releases and features also come new vulnerabilities and exploits. Because Java is everywhere, it has a huge attack surface which makes it interesting for hackers to search for vulnerabilities in Java and foremost in Java based applications. I’m not a Java security specialist and if you are like me wonder what all these mystique acronyms like NVD, CVE, CVSS, CPU, PSU etc. mean and how they are related to Java security, come to this session and I will explain it to you. It will also be shown what tools are available to you to check whether your Java application is vulnerable to known issues.
From Spring Boot 2 To Spring Boot 3 with Java 21 and Jakarta EE
Jakarta EE 9 changed its package namespace from javax.* to jakarta.*. This may sound like a trivial change that mostly affects Jakarta EE. So, why should Spring developers care?
As it turns out, the namespace changes ripple throughout the entire Java ecosystem. And Spring is no exception. Spring Framework 6 and Spring Boot 3 raised their baseline to Jakarta EE 9 API level which is supported by Tomcat 10 and Jetty 11 for example.
Attending this session will teach you how to make this migration as smooth as possible. A live coding demo will take you through the steps involved, and point out where to pay special attention. We will also briefly examine some of the changes planned for Jakarta EE 11 that will prepare you for what to expect in future versions of Spring.
Video - https://www.youtube.com/watch?v=VXGuKFfkp_M&t=2s
Bio
Gerrit Grunwald is a software engineer that loves coding for around 40 years already. He is a true believer in open source and has participated in popular projects like JFXtras.org as well as his own projects (TilesFX, Medusa, Enzo, SteelSeries Swing, SteelSeries Canvas, JDKMon).
Gerrit blogs regularly at http://harmonic-code.org, he is an active member of the Java community, where he founded and leads the Java User Group Münster (Germany), he is a JavaOne rockstar and a Java Champion. He is a speaker at conferences and user groups internationally and writes for several magazines.
Ivar Grimstad is the Jakarta EE Developer Advocate at Eclipse Foundation. He is a Java Champion and JUG Leader based in Sweden.
Besides advocating the Jakarta EE technologies, Ivar is contributing to the Jakarta EE specifications as well as being the PMC Lead for Eclipse Enterprise for Java (EE4J). He is also one of the specification leads for Jakarta MVC and represents Eclipse Foundation on the JCP Executive Committee.
Ivar is also involved in a wide range of other open-source projects and communities. He is a frequent speaker at International developer conferences.
|