JSR107—What the New Java Caching Standard Has in Store For You

Conf Day 5

Technical Discussion Panel

Securing Java EE Web Apps Abstract

Learn how to exploit security vulnerabilities that are commonly found in the arsenal of malicious attackers. We won't simply talk about issues like XSS, CSRF and SQL Injection, but will have live demos showing how hackers exploit these potentially devastating defects using freely available tools. You'll see how to hack a real world open source application and explore bugs in commonly used open source frameworks.

We also look at the source code and see how to fix these issues using secure coding principles. We will also discuss best practices that can be used to build security into your SDLC. Java developers and architects will learn how to find and fix security issues in their applications before hackers do.

Speaker(s)

• Frank Kim

Related Presentations

A pragmatic scaffolding approach to build Java Web Applications in few minutes

Arquillian - The Extendable Enterprise Test Platform

CDI, what comes next

Code generation at large - techniques and lessons learned

Extreme Transaction Processing

Forge new Ground in Rapid Enterprise Java Development

GlassFish Application versioning and high-availability rolling upgrade

GlassFish, 2 years into Java EE 6 at Oracle (real-world use-cases included)

Having fun with Java and Home Automation

Hibernate JPA type safe query in Scala an implicit help from the language

Showing first 10 of 26 results

Search by Tag

Below are the 170 labels used in Devoxx 2011 listed alphabetically. Click on a label to see its associated content.

A action, activemq, activiti, actors, adobe, agile, air, ajax, alfresco, alm, amazon, analysis, android, annotations, apache, appcache, apple, asynchronous, atlassian, azure	B bejug, bitbucket, blackberry, bof	C c2dm, caching, camel, cdi, ceylon, chrome, ci, clojure, closures, cloud, cloudfoundry, cms, coherence, collaboration, comet, conference, confluence, continuous, css3, cxf
D-F design, devoxx, dojo, domotics, dsl, duchess, dvcs, eclipse, eclipselink, ejb31, fantom, flex, fork/join, foss	G gae, gaelyk, git, glassfish, google, gpars, grails, graphics, griffon, groovy, gtug, gui, gwt	H-I hands-on, heroku, hibernate, html5, http, hudson, ibm, in, indexeddb, infinispan, ios, iphone
J jackrabbit, java7, javaee, javaee6, javafx, javame, javascript, javase, jax-rs, jboss, jcp, jcr, jdk, jdk7, jdk8, jenkins, jigsaw, jira, jms, jmx, jpa, jpa2, jquery, jruby, jsf2, json, jsr, jsr-170, jug, jvm	K-N labs, lambda, maven, methodology, microsoft, mobile, modules, mongodb, mozilla, multicore, news, nosql	O-Q oauth, openjdk, openshift, osgi, paas, parleys, performance, playframework, podcast, pojo, polyglot, quickie
R-S rails, redis, rest, ria, roo, scala, scalable, seam, security, servicemix, speakers, spring, springmvc, stm, swing	T-W tdd, testing, tools, tools_in_action, transactions, twitter, university, vaadin, w3c, web20, webgl, websockets, websql, weld, wicket	X-Z xml, xpand, xtext