Security: Front to back (with Eerk Hofmeester and Brian Vermeer)

RotterdamJUG is happy to invite you to an inspiring meetup. Our host this time is Sanoma daughter Bolster Safety in Schiedam. We will be joined by well known cybersecurity expert and international speaker Brian Vermeer. Bolster will not only share their location and pizza, but also some of their insights on security from a business perspective.

‘How to hack a good meaning organisation?’

The front: What happens to an organisation when the GDPR train rolls over them and what measures do their developers have to take?

The back: Great that they take these measures, but how do I as an (ethical) hacker gain access to the Java environment of such an organisation?

-- Schedule --

17h30 : Doors open
18h00 – 18h30 : Welcome and food
18h30 – 19h15 : Eerk Hofmeester: GDPR train thunders through Bolster
19h15 – 20h15 : Brian Vermeer: Live Hacking : Breaking into your Java web app
20h15 - 21h00 : Drinks (building closes at 21:00 sharp)

-- GDPR train thunders through Bolster --

Bolster Safety creates an e-learning platform for workers in the high risk industry. That means they process a lot of privacy sensitive data. As a Sanoma company, their ‘mother’ is very keen on keeping up her reputation as a trustworthy organisation.

As application developer this means half your backlog is suddenly filled with tickets the titles of which a non-technical person doesn’t even understand. But – what else is new? – all of them are High Priority and High Urgency. With a large dose of pragmatism and (self-)mockery he shows what this means for an organisation and development team.

Speaker: Eerk Hofmeester, Product Owner and Dev Team Lead @ Bolster Safety

Eerk has a 30+ years background in functional design, UX and UI, enterprise architecture, business analysis and product development. As Product Owner of the Bolster application and Team Lead of its development team Eerk has a unique perspective on both the demand and supply sides of privacy and security questions that are aimed at applications.

-- Live Hacking : Breaking into your Java web app --

In this session, we will demonstrate how common vulnerabilities in the Java eco-system are exploited on a daily base by live hacking real-world application libraries. All the examples used are commonly known exploits, some more famous than others, such as Apache Struts and Spring break remote code execution vulnerabilities. By exploiting them and showing you how you can be attacked, before showing you how to protect yourself, you will have a better understanding of why and how security focus and DevSecOps is essential for every developer.

Speaker: Brian Vermeer, Developer Advocate @ Snyk

Brian is Software Engineer with over 10 years of hands-on experience in creating and maintaining software. He is passionate about Java, (Pure) Functional Programming and Cybersecurity. Brian is an Oracle Groundbreaker Ambassador and regular international speaker on mostly Java related conferences like JavaOne, Oracle Code One, Devoxx BE, Devoxx UK, Jfokus, JavaZone and many more. Besides all that Brian is a military reserve for the Royal Netherlands Air Force and a Taekwondo Master / Teacher.

-- Directions --

Location: Bolster Safety (DCMR building), Parallelweg 1, Schiedam

How to get there:

Public transport: The DCMR building is a one minute walk from the train station Schiedam Centraal. Take the exit ‘Parallelweg’ (north side) and the building is in front of you.

Car: Take the Parallelweg and drive around the DCMR building for the parking garage. Use the intercom to get in.