How to Find the Next Great Deserialization CVE - AppSecUSA 2016

Explore a comprehensive analysis of deserialization attacks in this 35-minute conference talk from AppSecUSA 2016. Delve into the commonalities between various deserialization vulnerabilities and learn a step-by-step approach to identifying and exploiting them. Examine an originally authored exploit for a recently discovered CVE and understand the challenges of using traditional application security defenses against these threats. Discover free and open-source options for protecting against deserialization attacks. Benefit from the expertise of Arshan Dabirsiaghi, Chief Scientist at Contrast Security, as he shares insights from his extensive experience in application security research and advising large organizations.

Arshan Dabirsiaghi - How To Find The Next Great Deserialization CVE - AppSecUSA 2016