Steve Poole


HeroDevs

Latest post

The Shai-Hulud Cyber Worm and more thoughts on supply chain attacks.

Table of Contents: first, a word about ecosystems; Speed first.; Still optimised for speed.; Open Source Security Doesn’t Work the Way You Think It Does; This matters more than people realise.; The Inevitable AI in the Mix; Enter Shai-Hulud; Then it pivoted.; The defining shift.; This Is Also What ...

FOSDEM 2026 and the Open Source Firehose

Table of Contents: The Chaos and the Crowd; FOSDEM isn’t a conference so much as a live snapshot of the open source ecosystem in action.; Navigating the Firehose; So why go in person when you could watch from your sofa?; Trends and Tensions in …

Security Doesn’t Start at Liftoff

Table of Contents: Are you sitting comfortably?; The CVE is (almost) not important; The Inversion of the Security Timeline; Habit vs. Hype; The Flawed Assumption of Loud Alerts; Prioritising Changes Over Stories; The main timeline; Are we done?; How the message dilutes; A common scenario; What This Means to You …

The Real Mechanics of Vulnerabilities in an Upstream/Downstream, Topsy-Turvy EOL World

Table of Contents: In this article you’ll learn; Introduction; What this article is about; Back in the real world; Code Flows; A different type of waterfall; Unpredictable as the weather?; The idealised workflow; The ethics of vulnerability patching; Unreported is not safe; Downstream’s responsibility to the ecosystem; End of Life software …

Time to panic? AI and Cybercrime legislation is on your doorstep now

Table of Contents: Accountability Cannot Be Outsourced; The AI Act: Europe’s Regulatory Beacon; The US: Executive Orders and Sector-Specific Push; UK and China: Innovation vs Control; Following the tech …; What’s Next? As we settle into 2025, legislation around AI and cybercrime is no longer …

Thinking differently about testing

Table of Contents: 10x Insights on a different view of quality assurance; Bugs cost; When’s the best time to find bugs?; How should we really test?; Changing the status quo; Three challenges to overcome; We have almost all the pieces; Testing is multi-dimensional; Tortoise and the Hare vs …

Foojay Podcast #50: JCON Report, Part 2 – Maven, Software Security, Code Quality

This is part 2 of the interviews we recorded at the JCON conference earlier this month in Germany. In this episode, you get two main topics: Maven and Code Quality.

Crowd-Publishing the 10x Java Dev Book

The “enlightenment roadmap” of a Java developer can be scary. How do you become the 10x Java Developer you always dreamed of becoming?

Generative AI and Java – hype or urgent reality?

AI and Java: what is there, what can it do, and what do we want it to do? Asking for your input, readers. Share your thoughts at Foojay.io

State of the Software Supply Chain Report: Key Takeaways for Java Developers

Sonatype have just released the 9th edition of their State of the Software Supply Chain Report. I thought I’d pull out some highlights for Java Developers!

2023 Community Survey

Friends of OpenJDK Community Survey. Kickoff and instructions for a community driven data gathering exercise.
