On the Road Again: Here Comes September
September is the start of the developer community’s most intense period of conferences and Sonatype is going to be at quite a few of them. Folk from the DevRel team will be speaking, presenting, and there to help the community at open source conferences, Java conferences, and more throughout the ... Read More
Java Serialisation – the gift that keeps on taking (Part 3)
In the previous post we  examine particular Java Serialisation characteristics and design points that had a few unexpected consequences. In this post we'll explore more around exploiting serialisation datastreams. How it's possible to compromise systems silently and in different ways: from changing data, running arbitrary code or even crashing systems.  ... Read More
Java JEP’dy. Sometimes you just have to let your hair down.
I’ve been at Sonatype for a few months and it’s been quite the roller coaster. A stupid amount of fun as we grow the DevReal team, figure out what’s important, what’s not and how to do all the usual stuff that DevRel teams do. (BTW Just in case it wasn’t ... Read More
Java Serialization. The gift that keeps on taking. Part 1
Hands up who has heard of Log4Shell? No? If you’re a Java developer and this term isn’t familiar to you then you might want to google it right now. We’ll wait ... Read More
