YoVDO

The New Wave of Deserialization Bugs

Offered By: NorthSec via YouTube

Tags

NorthSec Courses Cybersecurity Courses Python Courses Java Courses PHP Courses Jenkins Courses

Course Description

Overview

Explore the critical issue of deserialization bugs in a 32-minute conference talk from NorthSec. Delve into the recent wave of vulnerabilities affecting major Java software like WebLogic, Jenkins, and JBoss due to a common bug pattern. Gain insights into the risks associated with deserialization mechanisms and learn how these vulnerabilities can be exploited. Discover available fixes for known vulnerable applications and understand the potential risks for proprietary enterprise software. Examine a tool designed to identify vulnerable patterns and extend your knowledge beyond Java, with examples provided for PHP and Python deserialization vulnerabilities.

Syllabus

Philippe Arteau - The New Wave of Deserialization Bugs


Taught by

NorthSec

Related Courses

Algorithms, Part I
Princeton University via Coursera Introduction à la programmation orientée objet (en Java)
École Polytechnique Fédérale de Lausanne via Coursera MongoDB for Java Developers
MongoDB University Initiation à la programmation (en Java)
École Polytechnique Fédérale de Lausanne via Coursera Intro to Java Programming
San Jose State University via Udacity