Name: OWASP Toronto | The Current State of Insecure Deserialization Vulnerabilities
Start: 2022-12-14T18:30:00-05:00
End: 2022-12-14T20:30:00-05:00
Location: 1 Snooker St

\*\*\* There is a 40 person limit for the in-person meetup! Please RSVP separately here (https://forms.gle/x1LJBJWQH53gYHnR8) if you plan to attend in person! \*\*\*

TALK

The Current State of Insecure Deserialization Vulnerabilities

Summary:

Insecure Deserialization has proven to be a fruitful vector for remote code execution attacks in recent years. Research into this vulnerability class has evolved, leading to a variety of attack methods and tools, which aim to bypass the growing number of mitigations attempted. In this talk, I'll review some common attack methods used in various languages and environments, and review some case studies of recently patched vulnerabilities I found interesting.

Presenter:

Guy Lederfein

\* Vulnerability Researcher @ Trend Micro Security Research
\* Providing analysis and detection guidance for N-day vulnerabilities disclosed in popular software used in enterprise environments.
\* Background in Penetration Testing
\* Web Applications, Network, Mobile, etc.
\* B.Sc. in Computer Engineering

Yuk Fai Chan

Opheliar Chan

Adam G.

OWASP Toronto Chapter

OWASP Foundation 

Global Contributing Corporate Member & Local Event Supporter

Security Compass

Global Contributing Corporate Member & Local Event Sponsor

BDO Canada

Corellium

Cycode

DeepCove CyberSecurity

Dreadnode

Endor Labs

Leading Cyber Ladies Toronto Chapter

Miggo

Microsoft Reactor

OX Security

Pixee

Security Journey

Oligo

Technology

Open Source

Software Development

Web Security

Network Security

Web Development

Web Application

OWASP

Information Security

Application Security

Software Security

Cloud Security

Computer Security

Cybersecurity

Web Application Security