Rob Winch #BLM

3.4K posts

Rob Winch #BLM banner
Rob Winch #BLM

Rob Winch #BLM

@rob_winch

Open source enthusiast; Project Lead for @SpringSecurity; Employed by @VMware

BlueSky @rwinch.github.io Katılım Mayıs 2012
767 Takip Edilen7.4K Takipçiler
Rob Winch #BLM retweetledi
Devnexus
Devnexus@devnexus·
🔒 Introducing the Devnexus Security Track Security starts at day one — this track shows how to protect Java apps, AI systems, and enterprise workflows with practical insights on vulnerabilities, privacy, and trust. 💥 Here’s what’s coming: • Zero Migration Java: Stay Current Without Breaking Your App — @yeekangc (@IBM) • Bootiful Spring Security — @starbuxman & @rob_winch (@Broadcom) • Building Trustworthy and Reliable LLM Applications — @alexsotob & @myfear (IBM) • Privacy in Design (PbD) in DevSecOps — Anitha Dakamarri (@DFINSolutions) • The Hidden Security Hazards in Your Java Stack — @BrianVerm (@Snyk) • Implementing MCP Authorization using Spring Security OAuth 2.1 Capabilities — @joe_grandja (Broadcom) • The Responsible Java Developer: Trustworthy GenAI in Practice — @bbenz (@Microsoft) • Deep Dive into Data Streaming Security — @OlenaKutsenko (@confluentinc) • Code Your Way to Quantum-Safe Development by Solving Tomorrow’s Encryption Crisis — @allmycode (@DrewUniversity) This is one of 11 tracks at Devnexus, built for engineers who want to secure real systems, protect data, and design resilient applications. 👉 Explore the schedule: devnexus.com/schedule/dev-p… 🎟️ Secure your ticket: devnexus.com ✉️ Stay up to date: atlj.ug/Xconnect #Devnexus #Java #SpringSecurity #LLM #PrivacyByDesign #DataSecurity #CyberSecurity #EnterpriseSecurity #SoftwareArchitecture #DevCommunity #TechConference #AI #ProductionAI #MLOps
Devnexus tweet media
English
0
5
3
1.3K
Rob Winch #BLM retweetledi
Sébastien Blanc 🇪🇺 🥑
Sébastien Blanc 🇪🇺 🥑@sebi2706·
🚨 So after 21 years of career, it finally happen, I have been let go from my company, in fact the complete marketing team has been let go ... It came really as a complete surprise, I was not expecting that at all since they were super happy with and the significant impact I had. Also the company is doing really well ... But it's life, it's not easy, I'm recovering slowly and I'm already looking for my next adventure. So if you are looking for a experienced IT professional with expertise going from advocacy (community, pre-sales & customers) to Java, with a lot of knowledge and opinions on Platform Engineering/k8s ecosystem and how all of this can be infused with AI, don't hesitate to ping me. Remote EMEA Also don't hesitate to RT this post. Love you all, my network of friends has already been beyond awesome helping when I told them in private last week.
English
32
130
372
97.2K
Rob Winch #BLM
Rob Winch #BLM@rob_winch·
I'm really enjoying the experience on Blue Sky. I can find things that interest me again vs skipping over 99.9% nonsense. If you are also enjoying it over there, you can find me at bsky.app/profile/robwin…
English
0
0
2
945
Rob Winch #BLM retweetledi
Dan Vega
Dan Vega@therealdanvega·
I'll be presenting on A Java Developers Guide to Navigating the Frontend Landscape at @devnexus 2025 in March! Come to this great community Java and Cloud conf and see me and other great speakers present. Use this code to get an extra $100 off the registration: SEEMESPEAK devnexus.com/presentations/…
English
1
9
34
2.9K
Rob Winch #BLM retweetledi
Phil Webb 🍃
Phil Webb 🍃@phillip_webb·
I'll be presenting on How to debug: Lessons learnt from 10 years of Spring Boot at @devnexus 205 in March! Come to this great community Java and Cloud conf and see me and other great speakers present. Use this code to get an extra $100 off the registration: SEEMESPEAK
English
2
11
41
6.3K
Rob Winch #BLM retweetledi
Josh Long
Josh Long@starbuxman·
Hey, if you listened to @rob_winch you’d never know this
BlackRoomSec@blackroomsec

Please share this far and wide. As far and wide as you can. NIST Password Guidelines for 2024 are in the process of being updated. This is a HUGE pet-peeve of mine (when vendors in particular are still operating like its 2017 and keep changing passwords every 60 days, STOP DOING THIS, it's outdated and has been shown to put you MORE at risk than less -- NIST explains why it does in this document, meticulously outlining user behavior**) so I'm sharing this in the hopes all of you will pass it along to your bosses. The Special Publication series governing passwords is SP 800-63 "Digital Identity Guidelines". The 2024 version is 800-63-4. Here: pages.nist.gov/800-63-4/ The companion docs are also on that link. They are 800-63A, 800-63B and 800-63C. These are different documents for different scenarios in play at your org. The previous update was in2020. The changes in the 2020 version from the 2017 version were numerous but one of them was that the password verification method should NO LONGER require passwords be changed at specific intervals (i.e. every 60 days) but in the following circumstances instead: 1. After a breach/compromise 2. User request 2024 repeats this and adds a bunch more guidlines but here is a screenshot of page 13 of the new 800-63-4 (note the # 4 after it) which outlines how your systems should now and moving forward, be handling passwords. This goes for Active Directory, too. All your systems which have passwords should align with these guidelines provided there isn't another standard or framework you must adhere to which overrules this. Most frameworks, however, have moved away from arbitrary password resets and complexity rules. **We cybersec researchers and hackers use wordlists from breaches in a variety of different ways. Hackers use them in tooling to crack passwords whereas researchers use breach dumps to see the kinds of passwords users are creating and the psychology behind them. Using complexity rules gets you the user psychology of: Password1 Password2 and so on Use phrasing instead and allow for spaces, which is important. Humans type phrases with spaces. They also mention phish-resistant methods and most vendors are on-board with MS going to be turning off all Legacy Auth next month, across all free accounts and tenancies. I'm so excited for the new changes! Ok I'm off my soapbox. Share the love! Thank you!

English
0
3
5
3.9K
Rob Winch #BLM
Rob Winch #BLM@rob_winch·
Good morning @SpringOne & @springcentral community! I cannot wait to see you at "Let's Explore #SpringSecurity 6.4" where I'll talk about some of the new AuthZ features (tomorrow we'll talk about AuthN). Not here in person? - Watch the free livestream! springone.io/schedule
Spring Security@SpringSecurity

Attending @SpringOne? RSVP now to "Let's Explore Spring Security 6.4" where #SpringSecurity project lead @rob_winch will teach you about the latest features coming in Spring Security 6.4! event.vmware.com/flow/vmware/ex… Can't make it? Check out the livestream springone.io/schedule

English
0
6
15
3.2K
Rob Winch #BLM retweetledi
Dan Vega
Dan Vega@therealdanvega·
Custom Spring Security Login using Tailwind CSS + Tailwind UI 🤩 I have a couple of Tailwind / Spring Security videos coming if you're interested 🤷‍♂️
Dan Vega tweet media
English
8
10
167
7.5K
Rob Winch #BLM
Rob Winch #BLM@rob_winch·
Sad I missed it but impressed with how fast the recording was made available! Pro Tip: If you like to save time watch at 2x speed but remember to switch to 1/2 speed for @starbuxman so you don't finish & realize that your brain cannot keep up with @starbuxman (even at 1x speed)
Spring I/O@spring_io

Missed #springio24 today? 🍃 No worries, we’ve got you covered! The keynote video is now live. Enjoy! 🎉 ▶️ youtu.be/XUz4LKZx83g

English
0
1
17
3.9K

Keşfet

@yeekangc @IBM @starbuxman @Broadcom @alexsotob @myfear @DFINSolutions @BrianVerm