Recent Posts

Deserialization Exploits in Java: Why Should I care?

Hackers refer to deserialization in Java as “the gift that keeps on giving”. But what is actually the problem? In most cases, it is not even your own code that creates this security vulnerability. This problem is also not restricted to Java’s custom serialization framework. When deserializing JSON, XML, or YAML, similar issues can occur as well. I recently gave …


Journeys in Java, Level 6: Build a Neo4j Microservice

For our next adventure in Java microservices, we want to expand our system for book review data. While books and authors are well-suited for a document database such as MongoDB, once you add reviews to the mix, the importance of the relationships makes this project better suited for a graph database. This way, we can utilize relationships between the different …


Jakarta Concurrency: Present and Future

Jakarta EE, previously Java EE, is a set of specifications that enables the worldwide community of Java developers to work on cloud-native Java enterprise applications. It is an open-source project maintained by the Eclipse Foundation. Jakarta Concurrency is a small, but fundamental, specification under the Jakarta EE umbrella. As project lead, I provide more information on what …
