📌 O My Data: OData Injection attack in Microsoft Power Platform and UiPath - Amichai Shulman - скачать видео с ютуба бесплатно по ссылке

Не удается загрузить Youtube-плеер. Проверьте блокировку Youtube в вашей сети.
Повторяем попытку...

Скачать видео с ютуб по ссылке или смотреть без блокировок на сайте: O My Data: OData Injection attack in Microsoft Power Platform and UiPath - Amichai Shulman в качестве 4k

У нас вы можете посмотреть бесплатно O My Data: OData Injection attack in Microsoft Power Platform and UiPath - Amichai Shulman или скачать в максимальном доступном качестве, видео которое было загружено на ютуб. Для загрузки выберите вариант из формы ниже:

Информация по загрузке:

Скачать mp3 с ютуба отдельным файлом. Бесплатный рингтон O My Data: OData Injection attack in Microsoft Power Platform and UiPath - Amichai Shulman в формате MP3:

Если кнопки скачивания не загрузились НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если возникают проблемы со скачиванием видео, пожалуйста напишите в поддержку по адресу внизу страницы.
Спасибо за использование сервиса ClipSaver.ru

O My Data: OData Injection attack in Microsoft Power Platform and UiPath - Amichai Shulman

https://owasp2024globalappsecsanfra.s... This session presents a new attack technique called “OData Injection” that affects many API based environments and in particular Microsoft Power Automate, part of the Microsoft Power Platform. The technique can be used by attackers to extract sensitive data and bypass access controls. Furthermore, we show that if you think that “No Code” = “No Vulnerabilities”, you are in for a BIG surprise. Not only that applications and automations written by citizen developers are vulnerable to good ol’ injection attacks but these could be exploited by external attackers. We prove our points using demos of the attacks and vulnerabilities that simulate our findings in the field. Low Code / No Code (LCNC) Development and Robotic Process Automations (RPA, automations) is a rapidly growing trend within enterprises going through a digital transformation process. These tools and environments allow business users (called citizen developers), who are not software engineers, to quickly build enterprise applications, by just dragging and dropping objects within the platform’s UI. These applications typically automate their daily tasks and accelerate digital transformation within the organization - all this without writing a single line of code. Top platforms to support LCNC are Microsoft Power Platform and UiPath Cloud Automation. It is widely believed by organizations that since no code is involved in the development process, it is safe to assume that the resulting applications are not vulnerable to traditional security issues.Think again! Our research, backed by analyzing tens of thousands of applications and flows in large enterprises, shows that automations and applications which are perceived as “internal applications” are in fact exposed to external attackers. For the first time at OWASP Global AppSec, we will show how applications and automations built in the Microsoft Power Platform and UiPath Automation Cloud environments are also vulnerable to SQL Injection, OS Command Injection and more. - Managed by the OWASP® Foundation https://owasp.org/

Comments