Deserialization vulnerabilities are one of the greatest nightmares for App Sec professionals. These attacks are also increasingly popular among malicious hackers because they are often easy to execute and difficult to prevent.
Oracle’s Q1 2017 Critical Patch Update includes a Java deserialization patch to help address a vulnerability that impacts virtually every Java app running today on a server that provides Remote Method Invocation (RMI). But that patch relies on a traditional approach to preventing deserialization attacks.
Waratek has developed a highly effective, virtualization-based approach that does not rely on blacklisting or whitelisting to prevent attacks.
In this 30-minute webinar, you’ll learn:
- What deserialization is and how deserialization attacks work
- Why traditional App Sec approaches are not working
- How to protect your applications from deserialization attacks without:
  - Code changes
  - Breaking your app
- The advantages of a virtualization-based approach to application security