I gave a presentation titled "Secure Java Programming" on November 14, 2007 to the most excellent Philadelphia Area Java Users' Group at the Unisys East Coast Development Center in Malvern, PA. This is a great JUG - every time I have gone to one of their meetings the turnout has been huge and the speakers first-class. If you are interested in Java and work in the Greater Philadelphia area, it's definitely worth making an effort to attend.

During my talk I reviewed:

- Java platform security features
- Online resources related to security
- Common vulnerabilities exploited by attackers
- A 10-part "Leet Skillz" course that reviewed vulnerable code examples and how to mitigate the issues

This 6.5 meg PowerPoint is the original presentation plus some additional material on bypassing access modifiers using Reflection - enjoy!

Download java_programming_security.pps