Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities

via Pluralsight

Overview

This course will teach you what XML External Entity vulnerabilities are, how they are exploited, how you can identify the vulnerabilities in your code, and how you can protect your code against exploitation.

The OWASP Top 10 2017 contains a new entry; XML External Entities (XXE). As not many people know what this vulnerability is, it can be difficult to prevent against. In this course, Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities, you will learn what this vulnerability is, how it ended up in the latest OWASP Top 10, how you can identify it in your code, and how to protect against it. First, you will discover the impact of a successful XML External Entity attack. Next, you will explore how to identify risky parts in your code base. Finally, you will learn how to mitigate against vulnerabilities. By the end of this course, you will be familiar with the risk that XML External Entities pose.

Topics:
  • Course Overview
  • Understanding the Dangers of XML External Entities (XXE)
  • Understanding XML External Entities (XXE) Injection and Expansion
  • Identifying Vulnerable Parts Within Existing Code
  • Mitigating XML External Entity (XXE) Vulnerabilities

Taught by

Peter Mosmans

Related Courses

Reviews

Start your review of Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities

Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free