A presentation at Open Rhein Main 2019 in in Darmstadt, Germany by Alexander Reelsen
Have you ever had a huge cloud provider bill? A sudden spike in CPU usage across many services? Did your infrastructure turn into bitcoin miners because someone found a way to execute arbitrary code in the application you wrote? Security is neither an operations nor a developer responsibility, but both!
What did you do after the incident? Did you close this particular security whole or did you fix this whole type of vulnerability? In order achieve the latter this talk will talk about using seccomp as an operating system feature as well as the Java Security Manager and how to leverage those as application developer in order to improve security and reduce the risk of getting hacked.