DEV Community

Brian Vermeer 🧑🏼‍🎓🧑🏼‍💻

Java Champion | Staff DevRel @ Snyk | VirtualJug lead | NLJUG lead | Dutch Air Reserve | Taekwondo Master | Flag Football LB/CB

Location: Breda, Netherlands

Personal website: https://brianvermeer.nl

Education

MSc Computer Science at Utrecht University

Work

Staff Developer Advocate / Software Engineer at Snyk

Mitigating path traversal vulns in Java with Snyk Code


Comments
5 min read

Exploring the Spring Security authorization bypass (CVE-2022-31692)


Comments
5 min read
Unsafe deserialization vulnerability in SnakeYaml (CVE-2022-1471)


4
Comments
5 min read
How to create SBOMs in Java with Maven and Gradle


Comments
8 min read
Reviewing CVE-2022-42889: The arbitrary code execution vulnerability in Apache Commons Text (Text4Shell)


Comments
2 min read
How to use Java DTOs to stay secure


1
Comments
6 min read
Best practices for managing Java dependencies


1
Comments
8 min read
What is a reverse shell attack?!


3
Comments
6 min read
User Office Hours: Using the Snyk CLI for Static Code Analysis


2
Comments
1 min read
Deserialization exploits in Java: why should I care?


3
Comments
2 min read
Building a secure CI/CD pipeline with GitHub Actions


6
Comments
1 min read
User Office Hours: Building secure application in VS Code with Snyk


1
Comments
1 min read
User Office Hours: Building a Secure CI/CD Pipeline with GitHub Actions and Snyk


6
Comments
1 min read
User Office Hours: Introduction to Snyk Code


Comments
1 min read
Win free swag by fixing security vulnerabilities


7
Comments 1
2 min read
Java JSON deserialization problems with the Jackson ObjectMapper


5
Comments
5 min read
New Java 17 features for improved security and serialization


3
Comments
6 min read
JVM Ecosystem Report 2021


Comments
1 min read
Preventing YAML parsing issues in Java


Comments
1 min read
SQL injection cheat sheet


3
Comments
1 min read
Java ecosystem survey 2021: We need your input


2
Comments
2 min read
Java XML External Entity Injection - Explained and Solved


4
Comments
1 min read
Git checkout remote branch: how it works and when to use it


5
Comments 2
3 min read
[Podcast] Barcoding podcast - Episode 13: Security


4
Comments
1 min read
[Video] Security scanning within Gradle


3
Comments
1 min read
JHipster security scanning


3
Comments
1 min read
Fixing vulnerabilities in Maven projects


11
Comments
5 min read
Java 25 years — aging like fine wine or more like milk?

8
Comments 1
4 min read
Exception Handling in Java Streams


38
Comments 2
8 min read
5 tips to improve your Docker security


7
Comments
5 min read
Secure code review: Bonus - Who reviews the code?


7
Comments
2 min read
Secure code review: Part 8 - Statically testing


5
Comments
2 min read
Secure code review: Part 7 - Well-known attacks


5
Comments
3 min read
Secure code review: Part 6 - Handling sensitive data


8
Comments
3 min read
Secure code review: Part 5 - Least privilege principle


11
Comments
2 min read
Secure code review: Part 4 - Enforce secure authentication


2
Comments
2 min read
Secure code review: Part 3 - Test for vulnerabilities introduced by dependencies


4
Comments
2 min read
How is your sticker game in 2020 💻

8
Comments 2
1 min read
Secure code review: Part 2 - Never store secrets as code


5
Comments
2 min read
📣 [Feedback asked] Calling all JS developers using VS Code

7
Comments 1
1 min read
Secure code review: Part 1 - Sanitize and validate all input


21
Comments
2 min read
Eclipse Collections now supports Triples


3
Comments
2 min read
Live Vulnerability spotting in VSCode


4
Comments
1 min read
Live Exploiting Your Open Source Dependencies with Brian Vermeer 17:46


68
Comments 39
1 min read
Summing a List of numbers in Java


7
Comments
4 min read
Effortlessly finding vulnerabilities in npm packages with VS Code


6
Comments
2 min read
Challenge


1
Comments
1 min read
The perils of configuration security


9
Comments
1 min read
Kotlin becomes the 2nd most popular language on the JVM


2
Comments
2 min read
How to implement DevSecOps across the entire organisation


12
Comments
1 min read
Web Application Firewall - Friend of your DevOps pipeline?


8
Comments
1 min read
What are your favorite Software Development tools ?


10
Comments 2
1 min read
Use strong encryption and hashing algorithms in Java


15
Comments 3
2 min read
Avoid Java serialization


11
Comments
2 min read
Configure your Java XML-parsers to prevent XXE


5
Comments
2 min read
10 Java security best practices


65
Comments
6 min read
Jackson Deserialization Vulnerability


13
Comments
2 min read
Optional .... what else?


17
Comments
3 min read
10 Eclipse plugins you shouldn’t code without

46
Comments
4 min read