Really enjoyed the session on 10 Java Security Practices by @BrianVerm at @DevoxxUK I found the yaml DOS attack really interesting. You can find more about that here - https://snyk.io/blog/java-yaml-parser-with-snakeyaml/ or if you prefer some code, here is a little demo I wrote https://github.com/leeturner/snakeyaml-dos-vulnerability
Hi, I’m Lee 👋. Senior Software Engineer at WireMock, Snyk Ambassador, Hacker of code. Appsec enthusiast. Runs Brighton Kotlin & Brighton JUG