Struts 2 Must Die: The Life and Inevitable Death of Java’s Spaghettiest™ Framework - Eugene Rojavski
Update: 2019-07-05
Description
OWASP Global AppSec Tel Aviv
https://telaviv.appsecglobal.org/
The Struts2 Java framework started as a cool, modern framework and ended up like a bomb periodically exploding in security teams’ faces. Now it is impossible to get rid of in production, and it may lead to massive damage like the Equifax breach because of architectural decisions made long ago. Take the plunge into the OGNL swamp, play the cat-and-mouse game alongside Struts2 developers and security researchers, and finally find out the prerequisites to blow up the framework with a new exploit.
Eugene Rojavski
Application Security Researcher, Checkmarx
A passionate appsec specialist who loves to poke things until they explode. 8 years in infosec and appsec, constantly pursuing a goal to unravel the mystery of security. I enjoy coaching others on how to create "securer things".
-
Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP_Media_Project