ASW #202 - Mike Benjamin

<p>Both GraphQL and template engines have the potential for injection attacks, from potentially exposing data due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies in order to understand the similarities in what could go wrong, while also examining the differences in how each one influences modern application architectures.</p> <p> </p> <p>This week in the AppSec News: Lessons learned from fuzzing, OT:ICEFALL report on insecure designs, CSA's Top Threats to Cloud Computing, Twitter apologizes for misusing data collection, & State of Open Source Security report!</p> <p> </p> <p>Visit <a href= "https://www.securityweekly.com/asw">https://www.securityweekly.com/asw</a> for all the latest episodes!</p> <p>Follow us on Twitter: <a href= "https://www.twitter.com/secweekly">https://www.twitter.com/secweekly</a></p> <p>Like us on Facebook: <a href= "https://www.facebook.com/secweekly">https://www.facebook.com/secweekly</a></p> <p> </p> <p>Show Notes: <a href= "https://securityweekly.com/asw202">https://securityweekly.com/asw202</a></p>