Secure coding in Java : serialization : LiveLessons /

"Secure coding expert, Robert C. Seacord trains developers to understand Java serialization and the inherent security risks. Seacord also demonstrates how to securely implement serializable classes and evaluate mitigation strategies and alternative solutions. Java deserialization is an insecure...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Otros Autores: Seacord, Robert C. (Orador)
Formato: Electrónico Video
Idioma:Inglés
Publicado: [Place of publication not identified] : Addison-Wesley Professional : Pearson, [2018]
Colección:LiveLessons (Indianapolis, Ind.)
Temas:
Java (Computer program language)
Object-oriented programming languages.
Java (Langage de programmation)
Langages orientés objet (Informatique)
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Descripción
Sumario:"Secure coding expert, Robert C. Seacord trains developers to understand Java serialization and the inherent security risks. Seacord also demonstrates how to securely implement serializable classes and evaluate mitigation strategies and alternative solutions. Java deserialization is an insecure language features that is widely used both directly by applications and indirectly by Java modules and libraries. Deserialization of untrusted streams can result in remote code execution (RCE), denial-of service (DoS), and a range of other exploits. Applications can be vulnerable to these attacks even when they are free from coding defects."--Resource description page
Notas:Title from title screen (viewed April 5, 2018).
Descripción Física:1 online resource (1 streaming video file (3 hr., 31 min., 13 sec.))

Ejemplares similares