Steve Poole

Developer Advocate, Security Champion, DevOps practitioner (whatever that means) Long time Java developer, leader and evangelist. I’ve been working on Java SDKs and JVMs since Java was less than 1. JavaOne Rockstar, JSR leader and representation, Committer on open source projects including ones at Apache, Eclipse and OpenJDK. A seasoned speaker and regular presenter at international conferences on technical and software engineering topics.

On the Road Again: Here Comes September

By Steve Poole on September 06, 2022 Events and Webinars

4 minute read time

Sonatype DevRel folk will be speaking, presenting, and there to help at open source conferences, Java conferences, and more throughout September 2022.
Read More...

Java Serialisation - The Gift That Keeps on Taking (Part 3)

By Steve Poole on July 02, 2022 Cybersecurity

7 minute read time

Part 3 of our issues with Java serialisation shares a deep dive into gadget chains and denial of service attacks.
Read More...

Java JEP’DY. Sometimes You Just Have to Let Your Hair Down.

By Steve Poole on April 01, 2022 developers

3 minute read time

Java JEP'dy. a game for Java developers everywhere Inspired by the original Jepardy quiz came at Devnexus, Devoxx UK, JBCN, JNation and more
Read More...

Java Serialisation - The Gift That Keeps on Taking (Part 2)

By Steve Poole on March 30, 2022 open source security

8 minute read time

Part two of our Java serialization series: the unexpected consequences of design and how the data stream can be compromised.
Read More...

Java Serialisation - The Gift That Keeps on Taking (Part 1)

By Steve Poole on March 11, 2022 java

6 minute read time

Log4Shell impels us to review the reasons Java needs serialisation, how to use it safely, and what other options exist. Here in part 1, we examine design.
Read More...