Friday 26th October, 2012
11:00am to 11:50am
Everyone knows the importance of software security. A successful attack against an application can result in a wide spectrum of negative consequences, including the cost of a business interruption, the cost of stolen or compromised data, and damage to reputation. Considering the huge and still-growing technology stack used in the average enterprise application, it is extremely difficult for developers to be aware of the security aspects of each and every library in their stacks. This talk presents a summary of security vulnerabilities found in popular open-source Java frameworks. We discuss security issues such as code injection, XSS, information leakage, and others. The open-source projects presented include a dependency-injection framework, web frameworks, JPA providers, and application servers.
CTO of Yonita Inc., software visionary, Java expert, researcher, automated SE, (anti-)patterns, performance, security, concurrency, databases