Foojay Podcast #7: Security in Java, what do we need to know and how to keep our applications secure?
Every Java application carries a stack of dependencies, and any one of them can hide a vulnerability that puts your users at risk. Knowing how to spot weak spots, harden code, and pick safer libraries matters for anyone shipping JVM software. In this Foojay Podcast #7, host Erik Costlow sits down with Steve Poole, Brian Vermeer, and Anastasiia Voitova to dig into what Java developers need to know to keep applications secure.
What we talked about
- Secure coding habits and how to detect vulnerabilities in Java applications
- Managing Java dependencies without inheriting their risks
- XML parsers and Data Transfer Objects as security weak points
- Encryption choices when provisioning data
- CVEs, the OWASP Top Ten, and CWE weaknesses
- JAR signing and safer library integration
- Defense-in-depth strategies for the JVM
- Security considerations for IoT devices running Java
Why it matters
Security shifts from a checklist to a daily practice once you ship real code. The guests share concrete patterns developers can apply today, from spotting risky parsers to layering defenses across the stack. That practical angle makes this one a useful listen for anyone touching production Java.
See the Foojay Podcast #7 for all info, shownotes, links, etc.