First Line of Defense: Patching Vulnerable Java Application Dependencies in CF - Aner Mazur, Snyk

April 27, 2018

First Line of Defense: Patching Vulnerable Java Application Dependencies in CF - Aner Mazur, Snyk What happens when a critical Java security vulnerability is detected in an application dependency, and upgrading is hard? How could you respond quickly without disrupting your development process and immediately shifting substantial resources to test a major upgrade? This talk will analyze high-impact Java vulnerabilities, such as the Apache Struts vulnerability that was exploited in the May 2017 Equifax data breach. We'll show how to exploit them as an attacker would, discuss the various ways such a Java vulnerability could be addressed in the CF environment, as well as present an automated patch first, upgrade later approach. About Aner Mazur Aner is the VP of Product Management at Snyk. He is responsible for setting the product strategy and delivering open source security solutions for developers. Prior to joining Snyk Aner was head of product management at Outbrain, and prior to that Aner came from an algorithmic R&D management background at VMware and B-hive Networks, which makes him very excited about the opportunities ahead for bringing security to cloud application platforms.

Previous
Securing Spring Functions – By Breaking In
Securing Spring Functions – By Breaking In

SpringOne Platform 2018 Securing Spring Functions – By Breaking In - Guy Podjarny, Snyk

Next Video
Building Security In: Using Cloud Foundry to Secure CF Apps - Guy Podjarny, Snyk
Building Security In: Using Cloud Foundry to Secure CF Apps - Guy Podjarny, Snyk

Building Security In: Using Cloud Foundry to Secure CF Apps - Guy Podjarny, Snyk Security is a hot topic i...