Java has been a very hot topic for security managers this year due to a steady stream of 0-day Java vulnerabilities that have been disclosed, with many of them being exploited in the wild. However, the challenges of Java-based threats go deeper than your average 0-day vulnerability, and these challenges will likely affect your approach to controlling them.
Because this is a hot topic and there is much interest to learn more this was the topic of my SecurityWeek article this week. In the article I delve further into challenges, like the broad attack surface and exploit-facing signatures, and share a few suggestions, including taking a layered approach and how to take a prevention approach.
For more detail, please read my full article on Security Week, here.