JavaForum

Wargames - Java vulnerabilities and why you should care

JavaForum presents two talks this evening

Wargames - Java vulnerabilities and why you should care
Java is great and we all spend time on making it more performant, more scalable and maintainable. But we better should also spend some time on making it more secure. With all that new Java releases and features also come new vulnerabilities and exploits. Because Java is everywhere, it has a huge attack surface which makes it interesting for hackers to search for vulnerabilities in Java and foremost in Java based applications. This sessions will explain what all these mystique acronyms like NVD, CVE, CVSS, CPU, PSU etc. mean and how they are related to Java security. It will also be shown what tools are available to you to check whether your Java application is vulnerable to known issues.

From Spring Boot 2 to Spring Boot 3 with Java 21 and Jakarta EE
Jakarta EE 9 changed its package namespace from javax.* to jakarta.*. This may sound like a trivial change that mostly affects Jakarta EE. So, why should Spring developers care? As it turns out, the namespace changes ripple throughout the entire Java ecosystem. And Spring is no exception. Spring Framework 6 and Spring Boot 3 raise their baseline to Jakarta EE 9 API level which is supported by Tomcat 10 and Jetty 11 for example. Attending this session will teach you how to make this migration as smooth as possible. A live coding demo will take you through the steps involved, and point out where to pay special attention. We will also briefly examine some of the changes introduced in Jakarta EE 10 that will prepare you for what to expect from Spring 6.x. Some pointers to what we can expect from Jakarta EE 11 will also be provided.

Speaker:

Gerrit Grunwald - is a software engineer that loves coding for around 40 years already. He is a true believer in open source and has participated in popular projects like JFXtras.orgas well as his own projects (TilesFX, Medusa, Enzo, SteelSeries Swing, SteelSeries Canvas).  Gerrit blogs regularly at http://harmonic-code.org, he is an active member of the Java community, where he founded and leads the Java User Group Münster (Germany), he is a JavaOne rockstar and a Java Champion. He is a speaker at conferences and user groups internationally and writes for several magazines.

Ivar Grimstad - is the Jakarta EE Developer Advocate at Eclipse Foundation. He is a Java Champion and JUG Leader based in Sweden. Besides advocating the Jakarta EE technologies, Ivar is contributing to the Jakarta EE specifications as well as being the PMC Lead for Eclipse Enterprise for Java (EE4J). He is also one of the specification leads for Jakarta MVC and represents Eclipse Foundation in the JCP Executive Committee. Ivar is also involved in MicroProfile, Apache NetBeans, and a wide range of other open-source projects and communities. He is a frequent speaker at International developer conferences.

Agenda:

17:15 - 17:30 Meet & Greet
17:30 - 18:15 Wargames - Java vulnerabilities and why you should care
18:15 - 18:45 PIzza
18:45 - 19:30 From Spring Boot 2 to Spring Boot 3 with Java 21 and Jakarta EE
19:30 - 20:00 Mingle