OWASP Atlanta is a local meetup that uses the framework from the Open Web Application Security Project, a well-known tool of security practitioners. The group has presentations about web and mobile development security.
Upcoming OWASP Atlanta Meetings
I don't always exploit web apps, but when I do, I prefer XX-E
• What we'll do
XML Parsers are a key, and often overlooked, element in most web applications we use everyday. We encounter them in integrated Google and Facebook sign-ins, in all major browsers, in embedded devices, and still in a huge number of web APIs. Many of these parsers are vulnerable to XML External Entity (XXE) processing attacks. While XXE is not as well known as many other security risks, it is as prevalent as SQL Injection and more damaging than Cross-Site Scripting. This has earned it the #4 spot on the 2017 OWASP Top 10 Critical Web Application Security Risks. This presentation will introduce the audience to what an XXE issue is, where they occur, what causes them, how they are exploited, and how to avoid them. Real world examples and demonstrations are used to give the audience a better understanding of where in their application stacks this issue could be lurking.
• What to bring
• Important to knowAlpharetta 30004 - USA
Thursday, February 15 at 6:30 PM