Skip to main content
  • Log in
  • Manage Cookies
EclipseCon - Eclipse Foundation
  • Conference
    • Program Schedule
    • Program List
    • Registration
  • Features
    • Community Day
    • Hacker Day
    • Dinner Meetups
    • OSGi Summit
    • Keynotes
  • Community
    • Code of Conduct
    • Health & Safety at EclipseCon
    • Community Resources
    • 2022 Speakers
    • Information for Speakers
  • Sponsors
    • Be a Sponsor
    • Information for Exhibitors
    • Our Sponsors
    • Sponsor Testimonials
  • Venue
    • Conference Venue
    • Hotels
    • Ludwigsburg
  • About Us
    • EclipseCon 2022
    • Program Committee
    • The Eclipse Foundation
    • Past Conferences
    • Other Events
  1. Home
  2. EclipseCon
  3. EclipseCon 2022
  4. Sessions
  5. Log4J, SpringShell and all that Jazz (or why bad things can happen to good software)

Log4J, SpringShell and all that Jazz (or why bad things can happen to good software)

Session details
Status: 
Accepted
Speaker(s): 
Steve Poole
Experience level: 
Beginner
Tags: 
Java
security
cyberwar
cybercrime
Session Track: 
All Things Quality & Security
Session Type: 
Standard

At the turn of the millennium IT organisations had about 60 days to fix software vulnerabilities.  Fast forward to 2022 and, well, it’s not good.  Zero day vulnerabilities have come and gone.  The world now  has to learn how to deal with widespread exploitation happening before a fix is available. 

In this session we’ll look at Cybercrime and its bigger more dangerous cousin:  Cyber-warfare.   We'll explore the drivers behind the radical shift,  the software arsenal available and how and why developers are both target and unwitting helpers.   A dip into Log4Shell and SpringShell will help us understand the basics of how we make software vulnerable and maybe, what we can do to reduce the risks.

No previous experience necessary! 
 

 

Objective of the presentation: 
It's imperative that all developers understand the new battlefield of cyber attacks and how previous assumptions about why and how bad guys attack have to be thrown out the window. This talk aims to provide insights into the new hows, the new whys and, most importantly, the new realities of attack. Why it's all about supply chains and why everyone is part of a supply chain. Why and how open source projects are being compromised, Why millions of developers are making poor choices and helping the bad guys unknowingly.
Attendee pre-requisites - If none, enter "N/A": 
N/A
Schedule info
Time: 
26 Oct 2022 - 14:30 to 26 Oct 2022 - 15:05
Room: 
Theater Stage
  • Sign in to post comments.

Elite

  • Huawei
  • IBM

Premium

  • Red Hat
  • Eurotech
  • Yatta Solutions GmbH

Basic

  • SSI Schaefer IT Solutions GmbH
  • Obeo
  • TypeFox GmbH
  • Mercedes-Benz Tech Innovation
  • SCANOSS
  • ARCAD Software
  • Bosch IO GmbH
  • EclipseSource

Media

  • GermanTechJobs

Become a Sponsor

Eclipse Foundation

  • About Us
  • Contact Us
  • Sponsor
  • Members
  • Governance
  • Code of Conduct
  • Logo and Artwork
  • Board of Directors
  • Careers

Legal

  • Privacy Policy
  • Terms of Use
  • Copyright Agent
  • Eclipse Public License
  • Legal Resources

Useful Links

  • Report a Bug
  • Documentation
  • How to Contribute
  • Mailing Lists
  • Forums
  • Marketplace
EclipseCon is brought to you by The Eclipse Foundation with the support of our sponsors.
Powered by Drupal and built on COD.

Copyright © Eclipse Foundation. All Rights Reserved.

Back to the top