Author(s)
Building cloud-native Java applications is undoubtedly awesome.
However, it comes with undeniable new risks. Next to your own code, you are relying on so many other things.
Blindly depending on open-source libraries and Docker images can form a massive risk for your application. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user's data.
In the talk below we’ll show common threats, vulnerabilities, and misconfiguration including the recently disclosed issues in Log4j. Most importantly, you’ll learn how to protect your application with actionable remediation and best practices.
The above talk was part of the Friends of OpenJDK room at FOSDEM 2022.
-
5 Tips to Create Secure Docker Images for Java Applications
Docker is the most widely used way to containerize your application. With Docker Hub, it is easy to create and pull pre-created images.
Read More -
7 Reasons Why, After 26 Years, Java Still Makes Sense!
After many discussions with Java developers, combined with my personal experiences with the Java community and platform, here are the key reasons why Java developers love Java after all these years!
Read More -
Are Java Security Updates Important?
Recently, I was in discussion with a Java user at a bank about the possibilities of using Azul Platform Core to run a range of applications.
Security is a very serious concern when sensitive data is in use, and potentially huge sums of money could be stolen.
I was, therefore, somewhat taken aback when the user said, “We’re not worried about installing Java updates as our core banking services are behind a firewall.”
Read More
