Talk: Serialization Vulnerabilities in Java

Details

For our first talk of 2020, Joe Beeton will be talking about Serialization Vulnerabilities in Java:

Serialization in Java, whether via java.io.ObjectInputStream or using a third-party library like Jackson-Databind, can leave applications vulnerable to attack. The talk will go through the underlying mechanism of serialization, why this allows attacks to occur, and ways to mitigate these attacks.

Joe has been developing software for over 10 years and has worked in application security for about 1½ years. He initially worked for an archive and backup software company before moving to American Express. While there, he has moved into application security and works on developing tooling and education to help development teams write more secure code.

Hot food and a selection of soft and alcoholic drinks will be provided by this month's sponsors, American Express.

RSVPs close at 5pm on the day, with doors open from 7pm until 7:30pm.

The Brighton Java code of conduct is available here: http://brightonjava.com/code-of-conduct/

If you have any questions about the event, please do get in touch with us via Meetup or email [masked]