Table of Contents Are you sitting comfortably?The CVE is (almost) not importantThe Inversion of the Security TimelineHabit vs. HypeThe Flawed Assumption of Loud AlertsPrioritising Changes Over StoriesThe main timelineAre we done?How the message dilutesA common scenerioWhat This Means to You …
-
The Real Mechanics of Vulnerabilities in an Upstream/Downstream, Topsy-Turvy EOL World
Table of Contents In this article you’ll learnIntroductionWhat this article is aboutBack in the real worldCode FlowsA different type of waterfallUnpredictable as the weather?The idealised workflowThe ethics of vulnerability patchingUnreported is not safeDownstream’s responsibility to the ecosystemEnd of Life software …
-
Time to panic? AI and Cybercrime legislation is on your doorstep now
Table of Contents Accountability Cannot Be OutsourcedThe AI Act: Europe’s Regulatory BeaconThe US: Executive Orders and Sector-Specific PushUK and China: Innovation vs ControlFollowing the tech …What’s Next? As we settle into 2025, legislation around AI and cybercrime is no longer …
-
Thinking differently about testing
Table of Contents 10x Insights on a different view of quality assuranceBugs costWhen’s the best time to find bugs?How should we really test?Changing the status quoThree challenges to overcomeWe have almost all the piecesTesting is multiI-dimensionalTortoise and the Hare vs …
-
Foojay Podcast #50: JCON Report, Part 2 – Maven, Software Security, Code Quality
This is part 2 of the interviews we recorded at the JCON conference earlier this month in Germany. In this episode, you get two main topics: Maven and Code Quality.
-
Crowd-Publishing the 10x Java Dev Book
The “enlightenment roadmap” of a Java developer can be scary. How do you become the 10x Java Developer you always dreamed of becoming?
-
Generative AI and Java – hype or urgent reality?
AI and Java what is there?, what can it do?, what do we want it to do?, Asking for your input readers. Share your thoughts at Foojay.io
-
State of the Software Supply Chain Report: Key Takeaways for Java Developers
Sonatype have just released the 9th edition of their State of the Software Supply Chain Report. I thought I’d pull out some highlights for Java Developers!
-
2023 Community Survey
Friends of OpenJDK Community Survey. Kickoff and instructions for a community driven data gathering exercise.
-
SBOMs: First Steps in a New Journey for Developers
Software bill of materials, anyone? A year ago, developers had not heard of the ‘SBOM’ acronym… and now SBOM visualiser called BOM Doctor.
