Skip to content

Web App Security and Apache Struts - A Post Mortem on Equifax

Photo of
Hosted By
Ian D.



In September 2017, Equifax announced a major security breach. The breach may have exposed sensitive data for over 100 million US consumers. The breach was due, in part, to a vulnerability in an older release of Apache Struts 2.x
This talk will examine the vulnerabilities from the Apache Struts framework. We will review the underlying Java code and discuss the fixes that were applied by the Apache Struts team.

Sean Sullivan is a Principal Software Engineer at HBC Digital. Sean has been a member of the HBC/Gilt team since 2011.

Bonus Topics:

• Chris Hansen will present his take-aways from JavaOne 2017 (short lightning talk).

• We will discuss ways to increase outreach and attendance for future PJUG meetings.
New Relic
111 SW Fifth Ave, Suite 2700 · Portland, OR
Google map of the user's next upcoming event's location