Table of Contents: Are you sitting comfortably? | The CVE is (almost) not important | The Inversion of the Security Timeline | Habit vs. Hype | The Flawed Assumption of Loud Alerts | Prioritising Changes Over Stories | The main timeline | Are we done? | How the message dilutes | A common scenario | What This Means to You …
-
🚀 The Future is Now: AI Code Assurance and MCP with SonarQube (Part 4)
Table of Contents: Problem #1: “I see the bug, but I’m too lazy (or busy) to fix it” | Problem #2: “My AI Assistant writes buggy code because it doesn’t know our rules” | Problem #3: “How do I know if this Project with …
-
Optimizing Java for the Cloud-Native Era with Quarkus
Table of Contents: What does Quarkus have to offer? | Developer joy with live coding and dev mode | Cost efficiency and performance | Reactive at its core | Which of your current development pains could Quarkus solve? | Dev Services | Vast extension ecosystem | “OK, I would like to try it, but …
-
Quarkus: A Runtime and Framework for Cloud-Native Java
Table of Contents: Why Quarkus stands out? | Quarkus as a versatile framework | Simplified developer experience | Performance that matters | Security | Observability and control surfaces | Modular and production-ready | Building your stack with Quarkus | Conclusion
Public clouds such as AWS, Microsoft Azure, and Google Cloud, and platforms like Red Hat OpenShift, …
-
🚀 Stop The Trojan Horse in Your pom.xml: SonarQube Advanced Security (Part 3)
Table of Contents: Problem #1: “I didn’t write this bug, why is it my problem?” | Problem #2: “The Dependency Hell” (Transitive Dependencies) 🔥 | Problem #3: “Wait, I can’t use this library? It’s open source!” ⚖️ | Problem #4: “The Sneaky Attack” (Advanced SAST & …
-
The Real Mechanics of Vulnerabilities in an Upstream/Downstream, Topsy-Turvy EOL World
Table of Contents: In this article you’ll learn | Introduction | What this article is about | Back in the real world | Code Flows | A different type of waterfall | Unpredictable as the weather? | The idealised workflow | The ethics of vulnerability patching | Unreported is not safe | Downstream’s responsibility to the ecosystem | End of Life software …
-
The 5 Knights of the MCP Apocalypse 😱
Table of Contents: 1. The “My Prompt is Leaking Secrets” Problem 🔑 | 2. The “Is My Server a Double Agent?” Problem 🕵️ | 3. The “Black Box of Vulnerabilities” Problem 🐛 | 4. The “Context Pollution and Poisoning” Problem 🧪 | 5. The “Too Many Cooks” Problem …
-
Java Security Starts with the JVM
Table of Contents: 1. Security starts with timely, predictable updates | Azul does it differently | Why this matters | 2. Long-term support = long-term security | The problem | Azul’s solution | 3. A secure software supply chain | How Azul secures the supply chain | Key Takeaway | 4. Beyond the JDK: proactive insights | Why this matters | 5. …
-
JC-AI Newsletter #8
Fourteen days have passed, and it is time to present a fresh collection of readings that could influence developments in the field of artificial intelligence. This newsletter focuses on examining how AI enhances productivity through enterprise studies, agentic system architecture, …
-
How Chat Memory Manipulation Can Ruin Your AI System
Table of Contents: Do LLMs have any conversational memory? | Implementing chat memory in your AI app | Chat messages with Java’s Langchain4J | LLM chat memory injection | Chat memory injection: Proof of concept | Preventing chat memory manipulation is key
Do LLMs have any conversational memory? With the …
-
Save Time and Money by Reducing False Positives
Table of Contents: The Production Scanning Challenge | How AVD Architecture Works | Deployment Tagging and Reporting | Reducing False Positives Through Production Scanning | Class-Level Precision for Maximum Efficiency
Recently Azul announced that AVD (Azul Vulnerability Detection), which is our solution to scan for security vulnerabilities in …