Tom Eastman - Serialization formats are not toys - PyCon 2015
"Speaker: Tom Eastman
It’s not in the OWASP Top 10, but you don’t have to look far to hear stories of security vulnerabilities involving deserialization of user input. In this talk I’ll go over what the threat is and how you might be making yourself vulnerable. I’ll cover the features (not bugs: features) of XML, YAML, and JSON that make them surprisingly dangerous, and how to protect your code from them.
Slides can be found at: https://speakerdeck.com/pycon2015 and https://github.com/PyCon/2015-slides"
Watch video Tom Eastman - Serialization formats are not toys - PyCon 2015 online, duration hours minute second in high quality that is uploaded to the channel PyCon 2015 12 April 2015. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 9,137 times and liked it 173 visitors.
