Security is the poster child of a Non-Functional Requirement: most people don’t care until the proverbial fecal matter hits the rotary propeller. Consequences can range from losing reputation to legal liability to putting the business out. In my post on running unsecured code, I concluded that you should treat security as a risk - and left it at that. I think it warrants a dedicated post. Risk management is pretty much documented.

Recently, I talked with a friend working for a public administration. He was very happy because they finally would be migrating to Java 8. Yes, you read that right. Just to prevent any possible misunderstanding, the following table shows the update options for Java versions (from Oracle Java SE Support Roadmap)