Brian Demers: Security Vulnerabilities for Java Developers

Wednesday February 9th, 2022

Watch on YouTube:

5:30-5:45: Announcements

5:45-7:15: Security Vulnerabilities for Java Developers

Ever seen a security-related issue that you felt should be reported? Unsure of how reporting security issue is different than a regular bug? Developers of any level should know how to report a vulnerability. In this talk, we will talk about what CVEs are, some general vulnerability classifications, look at a few ways you can report security issues, as well as look at a few common mistakes.

Knowing how to report a vulnerability is just half the battle, you also need to keep your applications free of them. We will dig into the recent Log4Shell vulnerability and discuss lessons learned when scrambling to update versions. Finally, we will talk about how this scramble can be avoided by getting notifications when new security issues are announced, and how to keep your applications updated automatically.

This talk is geared toward non-security professionals.

About Brian Demers

Brian Demers is a Developer Advocate at Okta, a Java Champion, and a PMC member for the Apache Shiro project. He spends much of his day contributing to OSS projects in the form of writing code, tutorials, blogs, and answering questions. Along with typical software development, Brian also has a passion for fast builds and automation. Away from the keyboard, Brian is a beekeeper and can likely be found playing board games.

You can find Brian on Twitter at @briandemers (

7:15-7:30: Q & A

The live streaming of this meetup is sponsored by Okta (

This entry was posted in Uncategorized. Bookmark the permalink.

Comments are closed.