Building cloud-native Java apps feels smooth. You move fast, code freely, and ship often. But that same vibe coding mindset can open the door to serious security problems. Copying code from the internet or trusting your AI assistant too much can introduce unsafe logic. Adding libraries without checking them and running container images you did not build can silently expose your application to attacks.
In this session, you will see how modern Java stacks become vulnerable through real-world examples and live hacking. From untrusted dependencies to misconfigured containers, we will explore the common traps developers fall into. You will walk away with practical techniques to spot these risks early and keep your code secure in the cloud-native world.
In this session, you will see how modern Java stacks become vulnerable through real-world examples and live hacking. From untrusted dependencies to misconfigured containers, we will explore the common traps developers fall into. You will walk away with practical techniques to spot these risks early and keep your code secure in the cloud-native world.
Brian Vermeer
Snyk
Staff Developer Advocate for Snyk, Java Champion, and Software Engineer with over a decade of hands-on experience in creating and maintaining software. He is passionate about Java, (Pure) Functional Programming and Cybersecurity. Brian is a JUG leader for the Virtual JUG and the NLJUG. He also co-leads the DevSecCon community and is a community manager for Foojay. He is a regular international speaker on mostly Java-related conferences like JavaOne, Devnexus, Devoxx, Jfokus, JavaZone and many more. Besides all that, Brian is a military reserve for the Royal Netherlands Air Force and a Taekwondo Master / Teacher.