No one wants to be the next Equifax (or Target or Yahoo or TGX or or or) and feature prominently in headlines of the latest terrible security breach. Often referred to as a Career Limiting Move (CLM), it can also make you and your organization a target for lawsuits, federal charges, and recognition of the most negative kind. But security is hard, right? Where does one even begin???

One fully open-source solution for application security is widely used and respected: Spring Security. Built with Java & Spring, it provides a proven app security platform that integrates with numerous languages and components to provide end-to-end security for your critical applications. Using the JavaScript framework du jour for front end development? Reactive systems? LDAP? OAuth2? OpenID Connect? It’s in there.

Defense is a multi-faceted topic, but your application’s security is central to it all. Come to this session for a thought-provoking introduction to defense in depth and a live-coding "lock it down" exploration of how to secure your apps now and maintain their security over time using 100% open source software.

Talk Level:
BEGINNER

Bio:
Mark Heckler is a Pivotal Principal Technologist & Spring Developer Advocate, conference speaker, published author, & Java Champion focusing upon developing innovative production-ready software at velocity for the Cloud and IoT applications. Mark is an open source contributor and author/curator of a developer-focused blog (https://www.thehecklers.com) and an occasionally interesting Twitter account (@mkheck).