Our industry has a problem: we build systems that move billions – and they often fail due to trivial security flaws. The truth is uncomfortable: insecure software is not just born of ignorance, but of complacency, convenience, and a toxic "ship now, fix later" mindset.

This session goes beyond secure Java programming. It’s about responsibility. We dissect real-world attack vectors, expose common vulnerabilities, and demonstrate how even seasoned developers fall into familiar traps. Obfuscation won’t save you – true security begins in the code, in the mindset, and in the build process.

But the rules are changing. Artificial Intelligence is becoming both a tool for attackers and a liability in our own products. Developers who fail to engage critically with this shift are leaving their systems wide open.

We’ll explore secure coding practices, the SLSA framework for securing software supply chains, and confront the hard question: how can developers survive in an era of automated attacks?

In short: this session isn’t a gentle talk – it’s a wake-up call. If you write software today, you carry responsibility. If you ignore it, you’re part of the problem.