This event has ended. Visit the official site or create your own event on Sched.
Get your ticket and additional info and support at jcon.one
Back To Schedule
Wednesday, September 21 • 13:00 - 13:50
Eliminate Java Deserialization Attacks

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The world is increasingly threatened by cybercrime, regardless of whether it affects companies, organizations, governments, or facilities and infrastructure. Those who do not take this threat seriously risk high damages and act recklessly. In Java, serialization is the biggest security flaw. In Java, serialization is the biggest security flaw. More than 50% of all vulnerabilities are linked to serialization. In this session, you will see why we still need serialization, how the inbuilt design is fatally flawed, and how it is being exploited and used against us. Now, there is a way to protect your applications. In the second part of this talk, you will learn how you can eliminate deserialization attacks with MicroStream high-secure serialization.

avatar for Steve Poole

Steve Poole

Developer Advocate, Sonatype
Developer Advocate,Security Champion, DevOps practitioner (whatever that means) Long time Java developer, leader and evangelist. I’ve been working on Java SDKs and JVMs since Java was less than 1. Also had time to work on other things including various JSRs, being a committer on... Read More →
avatar for Markus Kett

Markus Kett

CEO, MicroStream
Markus has been working with Java since 20 years. Markus is co-founder and CEO at MicroStream, editor in chief for the free JAVAPRO magazine in Germany, co-organizer of the Java conference JCON in Duesseldorf, and well known as editor and speaker at many developer conferences and... Read More →

Wednesday September 21, 2022 13:00 - 13:50 CEST
#1 Main EN only