Brian Vermeer

Avatar photo

Brian Vermeer

Java Champions & Developer Advocate and Software Engineer for Snyk.

Passionate about Java, (Pure) Functional Programming, and Cybersecurity. Co-leading the Virtual JUG, NLJUG and DevSecCon community.

Brian is also an Oracle Groundbreaker Ambassador and regular international speaker on mostly Java-related conferences.

Do you want your ad here?

Contact us to get your ad seen by thousands of users every day!

[email protected]
Likes 3
Avatar photo
Avatar photo

Dominika Tasarz

Administrator

I'm a community builder focused on growing the global Java and Jakarta EE ecosystems. I specialise in community strategy, open source engagement and developer-focused technical marketing, building strong and collaborative...

Learn More
Comments 16
Shares 0
Articles 54
Views 343,9K

All 16 Comments

Latest post

Don’t Panic: The Thymeleaf Template Injection That Only Hurts If You Let It (CVE-2026-40478)

Table of Contents What the sandbox protects againstAbusing the templating engineHow the tab character breaks the Thymeleaf sandboxWhat you need to doThe CVSS score 9.1 is real, but conditionalThe Thymeleaf vulnerability with a CVSS score of 9.1 grabs your attention, ...

How Chat Memory Manipulation Can Ruin Your AI System

Table of Contents Do LLMs have any conversational memory?Implementing chat memory in your AI appChat messages with Java’s Langchain4JLLM chat memory injectionChat memory injection: Proof of conceptPreventing chat memory manipulation is keyDo LLMs have any conversational memory? With the use …

Ensuring Safe and Reliable AI Interactions with LLM Guardrails

Table of Contents Understanding LLM guardrailsHow guardrails workEasily implementing guardrails with QuarkusInput guardrailsOutput guardrailsSanitizing LLM input and outputIntegrating Large Language Models (LLMs) into our applications is becoming increasingly popular. These models are extremely useful for creating content, searching documentation, and …

Foojay Podcast #72: JCON Report, Part 1 – Grow your career, public speaking, 30 years of Java, greener coding,…

Table of Contents VideoPodcast AppsContentOn May 13th and 14th, Foojay attended the JCON conference in Köln, Germany, where we did over 30 live-stream interviews. In this episode, we present to you the first set of these interviews, in which we …

What is RAG, and How to Secure It

Table of Contents Why use RAGHow RAG Works1. Retrieval2. GenerationSecurity implications of using RAGPrompt injection through retrieved contentData poisoningAccess control gaps in retrievalLeaking PII to third-party modelsCaching risks and session bleedContradictory or low-quality informationProactive and remediation strategies for securing RAGSanitize …

Path Traversal Vulnerability in Deep Java Library (DJL) and Its Impact on Java AI Development

Table of Contents CVE-2025-0851 explainedAbsolute Path TraversalRemediationDeep Java Library (DJL) is an open source deep learning framework that brings AI capabilities to Java developers without requiring a shift to Python. It provides an intuitive, high-level API for building, training, and …

Creating SBOMs with the Snyk CLI

Table of Contents What are SBOMs?Why do we need SBOMs?Creating SBOMs with the Snyk CLIInstalling the Snyk CLIGenerate SBOMs using the Snyk CLIMultiple projectsAutomating SBOM generation with the Snyk CLIAnalyzing SBOMsSnyk CLI SBOM TestSupplying up-to-date SBOMs with SnykThe software bill …

Foojay Podcast #58: How Java Developers Can Secure Their Code

Table of Contents VideoPodcast AppsGuestsJonathan VilaBrian VermeerErik CostlowContentThree years after Log4Shell caused a significant security issue, we still struggle with insecure dependencies and injection problems. In this podcast, we’ll discuss how developers can secure their code. I talked with three …

The Persistent Threat: Why Major Vulnerabilities Like Log4Shell and Spring4Shell Remain Significant

Table of Contents The developer’s dilemmaThe current state of Log4shellMore than 20% of companies are still vulnerable to Log4shell.Spring4Shell in the wildWakeup call to all who maintain applicationsThis article was originally published at Snyk.io As developers, we’re constantly juggling features, …

Four Easy Ways to Analyze your Java and Kotlin Code for Security Problems

Nowadays, the security of your applications is just as important as the functionality they provide.

Join the Community

Be a Part of Our Network

Subscribe to foojay updates:

https://foojay.io/today/author/bmvermeer/feed/
Copied to the clipboard