Explore the security aspects of Scala's popular web application frameworks, Play and LiftWeb, in this 54-minute Black Hat conference talk by Erik Cabetas and Paolo Soto. Gain insights into the exploitation mitigations built into each framework and their implications for both attackers and defenders. Examine how the OWASP Top 10 vulnerabilities apply to Lift and Play frameworks. Learn about a publicly released "hack me" application and a Scala library designed to prevent Server-Side Request Forgery (SSRF). Understand the security considerations for Scala, an increasingly popular JVM language, especially in web start-ups and Financial Tech industries.
Scala Security - Examining the Play and LiftWeb Frameworks
Overview
Syllabus
Scala Security: Examining the Play and LiftWeb Frameworks
Taught by
Black Hat
Related Courses
-
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)
-
OWASP Top 10 - A05:2021 - Security Misconfiguration
-
OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures
-
4 JVM Web Frameworks in 40 Minutes
-
SSRF PWNs - New Techniques and Stories
-
DataBinding2Shell - Novel Pathways to RCE Web Frameworks
