CG数据库 >> Secure Coding Rules for Java: Serialization

Secure Coding Rules for Java: Serialization的图片1

Secure Coding Rules for Java: Serialization

MP4 | Video: AVC 1280x720 | Audio: AAC 44KHz 2ch | Duration: 2 Hours | 512 MB

Genre: eLearning | Language: English

Secure Coding Rules for Java: Serialization LiveLessons provides developers with practical guidance for securely implementing Java Serialization.

Overview

Secure coding expert, Robert C. Seacord trains developers to understand Java serialization and the inherent security risks. Seacord also demonstrates how to securely implement serializable classes and evaluate mitigation strategies and alternative solutions.

Java deserialization is an insecure language features that is widely used both directly by applications and indirectly by Java modules and libraries. Deserialization of untrusted streams can result in remote code execution (RCE), denial-of service (DoS), and a range of other exploits. Applications can be vulnerable to these attacks even when they are free from coding defects.

Secure Coding Rules for Java: Serialization的图片2

Secure Coding Rules for Java: Serialization的图片1
Secure Coding Rules for Java: Serialization的图片2

发布日期: 2018-03-25