Application Security : Protect yourself against XML eXternal Entity (XXE) attack

Companies may pay over $10,000 in bug bounties for XXE attack. These attacks can be exploited when developing web applications or APIs that are leveraging XML. If misconfigured, they can often exposed to XXE attacks. In this video, Certus Cybersecurity's Maxwell Zhou shows how developers and security teams can identify and protect against such attacks.

More insights - https://www.certuscyber.com/insights/

Chapters
0:00 Introduction
0:11 What is XXE attacks
0:39 Details about XML Internal Entity
0:53 First demo: Class enrollment
1:42 Second demo: Exploiting blind XXE to exfiltrate
3:07 How to prevent XXE attack
3:26 Company Trailer

Welcome to the official Certus Cybersecurity's YouTube channel. This channel will host news about tutorial and other great content. We want to give back to community.