Bio
Micah is Snyk’s Director of DevSecOps Acceleration. With 28 years of Java Experience (yup, that’s from the beginning) and 21 years as a security professional Micah’s authored numerous articles, co-authored a Java EE book, and spoken at many conferences. He’s a maker, who’s built full-size MAME arcade cabinets and repaired old electronic games (http://afitnerd.com/2011/10/16/weekend-project-fix-dark-tower/). He brings his love of all things security and Java to a conference near you!
My Talks
Beautiful SDK Design in Java for APIs
Often times Java SDKs for APIs look more like the API they represent than idiomatic Java.
This talk examines how great SDKs are built using design patterns.
It covers: enforced separation of Java...
Blasting Browser Security with Extensions
Multi-platform browser extensions are easier to write than ever, can have great authority to examine and alter HTTP requests and responses, and are shockingly easy to get listed on the official res...
Hacking OAuth: Pitfalls and Remedies
OAuth 2.0 is the most widely used standard for secure authorization on the Internet for modern Web and Mobile apps. There are a lot of pitfalls that can lead to an insecure app.
Load Testing the Hard Way with JMeter and DigitalOcean
Sure, Dockerizing JMeter in server mode for use in Digital Ocean's cloud service would be super easy. But, that's no way to learn a DevOps API!
In this talk, I walk through an application written ...
OAuth 2.0 and OpenID Connect (In Plain English)
You've probably at least heard of the OAuth and OpenID Connect standards. It's challenging to find a good overview of how they work. In this talk, Micah digs into these protocols in plain English, ...
Securing Java Microservices with Java JWT
Micah Silverman will take you on a token based journey. The talk covers what tokens are, looking at cryptographically signed tokens, using the JJWT library to create JWTs, mitigating CSRF attacks u...
SOLID Principles in Action: from Slack to Twilio
Rather than just speak about SOLID, this talk takes an existing Slack integration and walks through refactoring it to work with Twilio. Along the way, I touch on why each aspect of SOLID makes refa...
Testing in Production
How do you know your feature is working perfectly in production? If something breaks in production, how will you know? What do you do when your staging test results do not reflect current productio...