Struts 2, Equifax, and you: The story of the worst breach in history (sponsored by Contrast Security)
Arshan Dabirsiaghi explains what Contrast Security learned from the Struts 2 exploit and details how to stop the next attack against your production apps.
| Talk Title | Struts 2, Equifax, and you: The story of the worst breach in history (sponsored by Contrast Security) |
| Speakers | Arshan Dabirsiaghi (Contrast Security) |
| Conference | O’Reilly Velocity Conference |
| Conf Tag | Build resilient systems at scale |
| Location | New York, New York |
| Date | October 2-4, 2017 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
A flaw in the widely used Apache Struts 2 framework was disclosed by Apache on March 6. An exploit of that vulnerability was released on March 7, leading to a breach at Equifax that exposed the data of as many as 143 million US consumers. If you run web applications on the internet, then you most certainly have been (or are still being) probed. The team at Contrast Security continues to see exploit attempts from all over the world. Arshan Dabirsiaghi explains what Contrast Security learned from the Struts 2 exploit and details how to stop the next attack against your production apps. Arshan shares the inside scoop on how the company found, triaged, and shielded itself (and its customers) against Struts 2 attacks—all with no downtime. This session is sponsored by Contrast Security.
![Insecure Containers? Continuous Defense Against Open Source Exploits [A]](/2017/images/all/lf_huffc03acb4b89c823f315cae16e4b2e6b_29065_700x350_resize_q75_box.jpg)