Many Java teams don't know which libraries are actually running in production — until the next #Log4Shell shows up. #SBOMs provide transparency about dependencies & risks.

Sven Ruppert shows how it works in practice:
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-1/
https://javapro.io/de/sbom-fuer-java-entwickler-was-bringt-mir-das-im-alltag-wirklich-teil-2/

#Maven #Gradle #CycloneDX

FYI: Software Composition Analysis: Protecting Against Log4Shell #shorts: Discover how software composition analysis can help prevent Log4Shell-like attacks. Learn how it could've helped your organization avoid the scramble. #Log4Shell #SoftwareAnalysis #Cybersecurity #Vulnerability https://www.youtube.com/shorts/3g9H_Gitv-8

ICYMI: Software Composition Analysis: Protecting Against Log4Shell #shorts: Discover how software composition analysis can help prevent Log4Shell-like attacks. Learn how it could've helped your organization avoid the scramble. #Log4Shell #SoftwareAnalysis #Cybersecurity #Vulnerability https://www.youtube.com/shorts/3g9H_Gitv-8

You trust your dependencies? That’s the risk. From #Log4Shell to self-replicating worms, attacks don’t hit your code first — they hit your supply chain, often via packages.

@MohammadAliEN explains what to watch: https://javapro.io/2026/04/23/the-whispering-jar-java-security-lessons-hidden-in-a-fantasy-tale/

#AppSec #Java #SupplyChainSecurity

If your #Java stack relies on “upstream will fix it”, you already lost time. @spoole167 shows how real-world Java systems survive on unmaintained code — and what to do instead.

Learn from the #SupplyChain reality: https://javapro.io/2026/01/08/the-myth-of-stability-javas-software-supply-chain-after-log4shell/

#CyberSecurity #AI #Log4Shell

Software Composition Analysis: Protecting Against Log4Shell #shorts: Discover how software composition analysis can help prevent Log4Shell-like attacks. Learn how it could've helped your organization avoid the scramble. #Log4Shell #SoftwareAnalysis #Cybersecurity #Vulnerability https://www.youtube.com/shorts/3g9H_Gitv-8
I'm afraid the deprecation of the Security Manager just added several lines to that risk, all linked to running untrusted code....
#JEP411 #Log4J #Log4Shell #Security #securitymanager
https://foojay.io/today/running-untrusted-code/
You're Running Untrusted Code! | Foojay.io Today
