Loading…
September 27-30, 2021
Seattle, Washington, USA + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit + Embedded Linux Conference + OSPOCon 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Tuesday, September 28 • 12:00pm - 1:00pm
(IN-PERSON) Tutorial: Yes, Your Applications are Under Attack - Struts2 Vulnerability Workshop - Sponsored by Sonatype

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
This session will include information about how popular open source has become and how it is driving innovation for enterprises in today's market. Open source allows enterprises to get value to market faster, and ensure the survival of many businesses. But open source software (OSS) has recently been an attack vector and focus for cybercrime syndicates. How can you protect yourself? What are you up against? We will also cover how the Struts2 vulnerability, a common java OSS component, led to the attack and breach of several financial institutions. In this workshop, we will set up the Struts2 application and walk through not only how to exploit it, but also how to protect yourself from this attack.
Speakers
avatar for Joe Nicastro

Joe Nicastro

Sales Engineer, Sonatype
Joe Nicastro has spent the better part of a decade helping organizations increase their security posture and awareness, with the last couple of years focused on helping organizations fit the sec into their devsecops processes. Outside of work, he enjoys a number of hobbies including... Read More →

Tuesday September 28, 2021 12:00pm - 1:00pm PDT
Room 501
  Wildcard