Skip to main content

Security in the Open Source ecosystem has continuously grown in priority on the global agenda in the technology industry. Many practices like DevOps, Agile, and standards like ISO/IEC 27001 have contributed over the years to adopt and promote a shift-left approach to security in the industry. The Java ecosystem is not separate from the opportunities and challenges the industry has overcome regarding security.

In late 2022 I started to deliver the session “Deep diving into Java ecosystem security with OpenSource and DevSecOps” which provide a glance at how Open Source and the Java ecosystem correlate during the lifecycle of common vulnerabilities and exposures (CVE). The session presents current challenges, opportunities, and recommendations to improve the security management of your new and existing architectures under an approach supported by DevSecOps principles. 

I hope that having the opportunity to see how under the hood, the Open Source software security lifecycle is carried out also provides a better understanding of how you can contribute actively to the OSS.

Spanish session presented at Jconf Peru 

Cesar Hernandez

Cesar Hernandez

César Hernández is a Senior Software Engineer at Tomitribe with experience in Enterprise Java Applications. He is a Java Champion, Duke's Choice Award winner, Eclipse Committer, Open Source advocate, teacher, and public speaker. When César is away from a computer, he enjoys spending time with his family, traveling and playing music with the Java Community Band, The Null Pointers. Follow Cesar on twitter @CesarHgt

Leave a Reply