DubJUG 266 - Kadi McKean & Frithjof Hoffmann

Talk 1: Trailblazing: Lessons from the Oregon Trail for the Secure Software Supply Chain

Dysentery, snake bites, and drowning; classic ways to die in Oregon Trail. 

But how do you “die” in application development? Simple: a day-zero breach or cyberattack. Just one successful breach can land your organization on the front page of the news.

The question is: can you prevent it?

YES!

Today, open source components make up 90% of modern application dependencies. With the software industry’s reliance on open source, it’s critical to choose well-maintained, community-driven projects to withstand disasters like Log4j.

In this session with Kadi McKean, learn how attackers embed malicious code that evades sandbox detection or masquerades as legitimate vendor software. From Log4j vulnerabilities to state-sponsored malware in macOS Flutter apps, Kadi will dissect what exactly went wrong as you explore these real-world examples with her.

Discover emerging technologies that assess software risks without relying on source code, like automated static binary analysis and black-box testing. Gain actionable insights and best practices to uncover hidden threats in your software supply chain.

.

Talk 2: Get to “Yes” Faster: Simple, Scalable, and Secure Software Onboarding

Enterprise software onboarding is often where speed goes to die: manual security reviews, siloed workflows, and heavy dependence on third-party attestations create bottlenecks that slow down business-critical deployments. For AppSec and security teams, the challenge is balancing risk reduction with the pressure to move fast.

In this session with Frithjof Hoffmann, we’ll break down a practical approach to building a software onboarding program that is simple to operate, scalable across teams, and aligned with modern security expectations. Frithjof will show you how to reduce review friction, improve decision consistency, and help your organization get to “yes” faster - without lowering the bar on security.

.

About the Speakers

US based Kadi McKean's passion for this dynamic field ignited during her early experiences with COBOL development and Mainframe solutions. She is currently thriving at ReversingLabs, as a collaborator alongside developers and security researchers, helping others to prioritize OSS risk and safeguard applications from potential threats.

Find Kadi on Linkedin

.

Frithjof Hoffmann is a technical sales engineer and cybersecurity professional at ResversingLabs specializing in software supply-chain security, threat intelligence, and risk management. Based in Moormerland, Germany, he combines deep technical expertise with a strategic, customer-focused approach to help organizations gain visibility, reduce risk, and strengthen resilience across their software ecosystems.

Find Frithjof on Linkedin

.

About the Dublin Java User Group

Since 2006, the Dublin Java User Group, aka DubJUG, has been working with the global Java community to amplify technical knowledge for the benefit of Irish based developers and businesses. It is a resident member of Dublin's TechMeetup.space. 

Discover more: Website / LinkedIn

.

Our Partners

Gong is on a mission to empower companies to unlock their full revenue potential. We help everyone in revenue teams to improve productivity, increase predictability, and drive revenue growth by deeply understanding customers and business trends and taking impactful actions.

GONG ARE HIRING ➡️ Discover more: Website / LinkedIn

.

SQUARESPACE, the design-driven platform that helps entrepreneurs build their brands and businesses online. SQUARESPACE empowers millions of customers in more than 200 countries and territories with all the tools needed to create an online presence, build an audience, monetize, and scale their business. The SQUARESPACE suite of products range from websites, domains, ecommerce, and marketing tools, as well as tools for scheduling with Acuity, and creating and managing social media presence with Unfold.

Their team of more than 1,700 professionals is headquartered in bustling New York City, with offices in Dublin, Ireland and Aveiro, Portugal, and coworking spaces in the UK, Netherlands, and Australia.

Discover more: Website / LinkedIn

.

Integral Ad Science is a leading global media measurement and optimization platform that delivers the industry’s most actionable data to drive superior results for the world’s largest advertisers, publishers, and media platforms. IAS’s software provides comprehensive and enriched data that ensures ads are seen by real people in safe and suitable environments while improving return on ad spend for advertisers and yield for publishers. Our mission is to be the global benchmark for trust and transparency in digital media quality.

Discover more: Website / LinkedIn

.

Stackand.Co enrich the professional lives of Java software professionals - with over 20 years experience in the Irish tech recruitment market, they have helped many great people elevate their careers, and many great companies build their teams. 

Perhaps they can do the same for you working with companies like this one?

Discover more: Website / LinkedIn

.

GuruTeam delivers high end ICT learning, mentoring and consultancy services, in Ireland, the UK and worldwide. Their expert instructors formulate bespoke training to suit their clients and can deliver programmes on or offsite.

Discover more: Website / LinkedIn

.

FINEOS is a leading provider of core systems for life, accident and health insurers globally with 7 of the 10 largest group life and health carriers in the US as well as 6 of the largest life insurers in Australia. With employees and offices throughout the world, FINEOS continues to scale rapidly, working with innovative progressive insurers in North America, Europe, and Asia Pacific.

Discover more: Website / LinkedIn

.

tcube is a low-cost no frills workspace provider located at O'Connell Bridge in Dublin city centre. They provide hot-desks, dedicated co-working desks, office-for-a-day, meeting rooms, and event space.

Discover more: Website / LinkedIn

.

Companies. If you would you like to share your news, products, services and jobs opportunities with our community of software developers, please get in touch here :)