Name: Lightning Talk - Assessing and Exploiting XML Schemas Vulnerabilities
Start: 2016-10-13T09:30:00-0400
End: 2016-10-13T09:40:00-0400

Back To Schedule

Lightning Talk - Assessing and Exploiting XML Schemas Vulnerabilities

Specifications for XML and XML schemas have been designed with multiple security flaws. At the same time, these specifications provide the tools required to protect XML applications. This provides a complex scenario for developers and a fun environment for hackers.

Even though XML schemas are used to define the security of XML documents, they are also used to perform a variety of attacks: file retrieval, server side request forgery, port scanning, and/or brute forcing.

This talk will analyze how new attack vectors can be inferred by analyzing the current vulnerabilities and how it is possible to affect common libraries and software. Recommendations will be shared to safely deploy applications relying in XML.

Speakers

Fernando Arnaboldi

Security Consultant

Fernando Arnaboldi is a developer and a security consultant who specializes in penetration testing and code reviews on multiple platforms. He has focused his research on breaking the security of different programming languages and has presented his findings in security conferences... Read More →

Thursday October 13, 2016 9:30am - 9:40am EDT
Room C

Lightning Talks

AppSec USA 2016

Fernando Arnaboldi

Attendees (34)

AppSec USA 2016

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Fernando Arnaboldi

Attendees (34)