Brian Vermeer
49 articles
Deep Java Library (DJL) is an open source deep learning framework that brings AI capabilities to Java developers without requiring a shift to Python. It provides an intuitive, high-level API for building, training, and deploying machine learning models, supporting deep …
-
Creating SBOMs with the Snyk CLI
The software bill of materials (SBOM) is quickly becoming an essential aspect of open source security and compliance. In this post, we’ll delve into what SBOMs are, why they’re necessary, and their role in open source security. What are SBOMs? …
- Brian Vermeer
-
Foojay Podcast #58: How Java Developers Can Secure Their Code
Three years after Log4Shell caused a significant security issue, we still struggle with insecure dependencies and injection problems. In this podcast, we’ll discuss how developers can secure their code. I talked with three authors who posted a security and code …
- Brian Vermeer
- Erik Costlow
- Frank Delporte
- Jonathan Vila
-
The Persistent Threat: Why Major Vulnerabilities Like Log4Shell and Spring4Shell Remain Significant
This article was originally published at Snyk.io. As developers, we’re constantly juggling features, fixes, and deadlines. Yet, a lurking issue has been surprisingly overlooked: the continued use of vulnerable Log4j and Spring Framework versions in many projects. Despite the high-profile …
-
Four Easy Ways to Analyze your Java and Kotlin Code for Security Problems
Nowadays, the security of your applications is just as important as the functionality they provide.
-
Securing Symmetric Encryption Algorithms in Java
Encryption is converting readable data or plaintext into unreadable data or ciphertext, ensuring that even if encrypted data is intercepted, it remains inaccessible to unauthorized individuals.
-
Handling security vulnerabilities in Spring Boot
Keeping your dependencies in check is crucial to ensure that your Spring Boot projects run smoothly and remain resilient in the face of ever-evolving threats.
-
Using JLink to create smaller Docker images for your Spring Boot Java application
An in-depth exploration of utilizing JLink to optimize Docker image sizes, enhancing application security and performance.
-
SnakeYaml 2.0: Solving the unsafe deserialization vulnerability
In December of last year, we reported CVE-2022-1471 to you. This unsafe deserialization problem could easily lead to arbitrary code execution.
-
Preventing Cross-Site Scripting (XSS) in Java applications with Snyk Code
By taking a proactive approach to XSS prevention and using the right resources and tools, developers can help ensure the security and integrity of their Java web applications.
-
Mitigating Path Traversal Vulnerabilities in Java
Path traversal vulnerabilities are a serious threat to Java web applications, amongst the top security issues Snyk finds in Java code.