Speaker: Simon Maple

(He / him / his)

Field CTO @snyksec

Simon Maple is the Field CTO at Snyk, a Java Champion since 2014, JavaOne Rockstar speaker in 2014 and 2017, Duke’s Choice award winner, Virtual JUG founder and organiser, and London Java Community co-leader. He is an experienced speaker, having presented at JavaOne, DevoxxBE, UK, & FR, DevSecCon, SnykCon, JavaZone, Jfokus, JavaLand, JMaghreb and many more including many JUG tours. His passion is around user groups and communities. When not traveling, Simon enjoys spending quality time with his family, cooking and eating great food.

Session

Securing Java Applications in the Age of Log4Shell

Due to unforseen circumstances, the speaker is no longer available for a Q&A. Please post any questions you have in the Announcement Slack channel.

On December 10th 2021, a new critical vulnerability, Log4Shell, was publicly disclosed and make global headlines. It impacted a wide number of applications on the internet, allowing attackers to remotely execute code within vulnerable applications worldwide.

In this session, we'll briefly cover what caused the issue, how it can be exploited, and most importantly, how it can be mitigated through upgrades, or defended against in WAF configurations and more. 

The majority of the session will look at how we can be more proactive and defensive in our decisions for future Log4Shell like scenarios. We'll take a look at where risk is being introduced into our applications and pipelines, and how we can identify and reduce this risk up front, as well as be better prepared to react to these types of incidents in future.

Date

Wednesday May 11 / 12:30PM EDT (50 minutes)

Track

Modern Java

Topics

JavaApplication SecuritySecurity

Add to Calendar

Add to calendar

Share

Share Share