This interview was recorded for the GOTO Book Club. #GOTOcon #GOTObookclub
http://gotopia.tech/bookclub

Check out more here:
https://gotopia.tech/episodes/428

Laurenţiu Spilcă - Java Champion, Java Community Lead at Endava & Author of "Software Security for Developers" & more books @laurspilca 
Thomas Vitale - Senior Software Architect at Systematic & Author of "Cloud Native Spring in Action" @ThomasVitale 

RESOURCES
Laur
https://bsky.app/profile/laurspilca.bsky.social
https://x.com/laurspilca
https://www.linkedin.com/in/laurenţiu-spilcă-01a931107
https://laurspilca.com

Thomas
https://bsky.app/profile/thomasvitale.com
https://mastodon.online/@thomasvitale
https://twitter.com/vitalethomas
https://linkedin.com/in/vitalethomas
https://github.com/ThomasVitale
https://www.thomasvitale.com

Links
https://www.manning.com/books/software-security-for-developers
https://adibsaikali.wordpress.com
https://youtu.be/dz6RwoAzccM
https://youtu.be/z1B_mAlFVcE
https://youtu.be/DXCQjpxdikI
https://youtu.be/HMGL4XmHv58
https://youtu.be/8jwiABwGC6c
https://youtu.be/rviXe-WMPvo
https://youtu.be/fROpZ6EYa54
https://youtu.be/la4kc57F6jU
https://youtu.be/9mOuvrZtLbc

DESCRIPTION
Thomas Vitale sits down with Java Champion and author Laurentiu Spilca to discuss his co-authored book "Software Security for Developers". The conversation explores why security is so often avoided by developers, the widespread confusion between foundational concepts like encoding, hashing, and encryption, the dangers of reinventing established security standards, the growing risks of AI-generated code written without security awareness, and why understanding topics like PKI and certificates is more important than ever in modern software development.

TIMECODES
00:00 Intro
01:16 Making security accessible to every developer
11:30 Why developers should never reinvent security standards
17:40 The growing security risk of AI-generated code
23:25 Certificates, PKI & protecting sensitive credentials
26:15 Book availability & resources
28:41 Outro

RECOMMENDED BOOKS
Adib Saikali & Laurentiu Spilca • Software Security for Developers • https://amzn.to/4aPhqu0
Laurentiu Spilca • Spring, Start Here • https://amzn.to/3L6Sv6c
Laurentiu Spilca • Spring Security in Action • https://amzn.to/3LqEkZW
Laurentiu Spilca • Troubleshooting Java • https://amzn.to/4u5vkj0
Thomas Vitale • Cloud Native Spring in Action • https://amzn.to/3kLu1ns

https://bsky.app/profile/gotocon.com
https://twitter.com/GOTOcon
https://www.linkedin.com/company/goto-
https://www.instagram.com/goto_con
https://www.facebook.com/GOTOConferences
#SoftwareSecurity #Security #PKI #PublicKey #Java #CloudNative #Encryption #TodayInTech #SoftwareEngineering #Programming #LaurSpilca #LaurentiuSpilca #ThomasVitale #BookClub

CHANNEL MEMBERSHIP BONUS
Join this channel to get early access to videos & other perks:
https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/join

Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech
Sign up for updates and specials at https://gotopia.tech/newsletter

SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1

GOTO's resource offers insights, tutorials, and resources for software developers, architects, and technology leaders. Readers can learn about emerging technologies, industry trends, and best practices for software development. With articles, talks, and workshops, GOTO provides  guidance and expertise for staying ahead in the ever-evolving world of technology.

GOTO Conferences

A GOTO Book Club interview with Laur Spilca about his co-authored book 'Software Security for Developers'. The conversation covers why developers avoid security topics, common misconceptions around cryptography terms (encoding vs hashing vs encryption), JWT and OAuth2 confusion, PKI and certificates, and the dangers of reinventing security standards. The discussion also touches on AI-assisted development risks, arguing that developers must understand security fundamentals to properly guide AI tools rather than blindly trusting generated code. The book targets developers of all levels and uses Java/Spring examples while keeping concepts broadly applicable.

Software Security for Developers • Laur Spilca & Thomas Vitale • GOTO 2026