ASW #202 - Mike Benjamin - podcast episode cover

ASW #202 - Mike Benjamin

Jul 14, 20221 hr 15 min
--:--
--:--
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Both GraphQL and template engines have the potential for injection attacks, from potentially exposing data due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies in order to understand the similarities in what could go wrong, while also examining the differences in how each one influences modern application architectures.

 

This week in the AppSec News: Lessons learned from fuzzing, OT:ICEFALL report on insecure designs, CSA's Top Threats to Cloud Computing, Twitter apologizes for misusing data collection, & State of Open Source Security report!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Show Notes: https://securityweekly.com/asw202

For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
ASW #202 - Mike Benjamin | Application Security Weekly (Audio) podcast - Listen or read transcript on Metacast