XML External Entities (XXE) is a dangerous vulnerability, currently ranked fourth (A4) in the OWASP Top Ten. Resolving this vulnerability should be a high priority for all Java developers. In this presentation, given by Anat Mazar (https://www.linkedin.com/in/anat-mazar/) and Michael Furman (https://www.linkedin.com/in/furmanmichael/) at the OWASP meetup, we will demonstrate why XXE is so dangerous; show you how this vulnerability is typically resolved, in each and every place in the code where you parse an XML file; and show you the better resolution: set a couple of Java system properties once, and never worry about XXE again.
My SameSite Cookies podcast at the Application Security Podcast - Security Journey Podcasts. Learn about SameSite cookies, the threats they counter, and how SameSite + the Synchronizer Token Pattern work together to counter CSRF.
My presentation at OWASP Chapters All Day. The video is published here. How SameSite Cookies Are Making the World a Safer Place from Michael Furman
My presentation at SecSessions - Cybersecurity Meetup. The video is published here. OWASP Top Ten 2017 from Michael Furman
My presentation at Java.IL - the Israeli Java Community meetup. OWASP A4 XML External Entities (XXE) from Michael Furman