Brian Vermeer
Snyk
Staff Developer Advocate for Snyk, Java Champion, and Software Engineer with over a decade of hands-on experience in creating and maintaining software. He is passionate about Java, (Pure) Functional Programming and Cybersecurity. Brian is a JUG leader for the Virtual JUG and the NLJUG. He also co-leads the DevSecCon community and is a community manager for Foojay. He is a regular international speaker on mostly Java-related conferences like JavaOne, Devnexus, Devoxx, Jfokus, JavaZone and many more. Besides all that, Brian is a military reserve for the Royal Netherlands Air Force and a Taekwondo Master / Teacher.
Breaking AI: Live coding and hacking applications with Generative AI
Conference (INTERMEDIATE level)
Is your organization ready to revolutionize your coding experience with generative AI tools, like copilot, ChatGPT, or code whisperer? Do you know how to code safely with generative AI tools increasing your delivery speed without compromising security? In this session, we’ll discuss some of the dangers of generative AI, including hallucinations and security risks. We’ll live code a Spring coffee shop application using copilot, and ChatGPT, and live hack the results, showing how the generated code can be exploited in a running app. We’ll uncover generated SQL injections, Cross site scripting, directory traversal and more. Don't miss this electrifying opportunity to explore the cutting edge of coding technology. Join us and embark on a journey where velocity meets security, and innovation knows no bounds. Secure your spot now and get ready to code like never before! In this session you'll learn how you can leverage the power of AI to increase your velocity while mitigating risks and staying secure.
More Don't Get Burned! Secure Coding Essentials in Java to protect your application
Tools-in-Action (INTERMEDIATE level)
As a Java developer, you understand the importance of writing code that is functional, scalable, and maintainable. But how about secure code? Even the most seasoned developer can make common security mistakes that leave your code vulnerable to attack. In this session, we'll explore the most common and sometimes unknown security pitfalls made by Java developers and provide practical tips for avoiding them. We'll cover everything from input validation errors to injection to file overwrites and arbitrary code execution. We'll show real-world examples of insecure code and demonstrate how attackers exploit these vulnerabilities before showing you how to fix these code constructions. By understanding how these mistakes get exploited, you'll be better equipped to write secure, bulletproof code that can withstand attacks. Whether you're a junior developer just starting out or a seasoned pro looking to brush up on your skills, this session is a must-attend for anyone concerned with the security of their Java applications. Let’s start writing secure Java code and learn how to avoid security mistakes.
More 
