Top Security Flaws Hiding in Your Code Right Now – and How to Fix Them

Track: Security
Abstract
Security vulnerabilities aren’t just hypothetical—they’re real, from the MongoDB attack to the Log4Shell disaster, and they’re hiding in your code right now. In this session, we’ll explore the most common and dangerous flaws: SQL Injection, Deserialization Injection, and Logging Injection.

We’ll explain how these vulnerabilities work, why they’re so risky, and how to fix them through examples.

You'll leave with practical tips for safeguarding your applications, including best practices for SQL query parameterization, secure deserialization techniques, the importance of sanitizing logs, and how to use tooling to prevent these flaws more easily.

Audience Takeaways:

Deep understanding of SQL Injection, Deserialization Injection, and Logging Injection.
Practical code examples and fixes to secure your applications.
Insights into real-world case studies of major security breaches.
Tooling that helps you commit safe code.
Jonathan Vila
Java Champion, Organiser at BarcelonaJUG and cofounder of JBCNConf and DevBcn conferences in Barcelona. Currently working as a Developer Advocate in Java at Sonar (SonarLint, SonarQube), focused on Clean Code & Security. I have worked as a (paid) developer since the first release of The Secret of Monkey Island, about 30 years ago, using Go on Kubernetes for a Service Mesh layer on top of Istio | Java on Kubernetes for K8s Operator, Rest API, using Quarkus, GraalVM, Apache Camel | PHP | VB | Python | Pascal | C. I am very interested in simulated reality, psychology, philosophy, and Java.