Loading…
This event has ended. Visit the official site or create your own event on Sched.
Get your ticket and additional info and support at jcon.one
Back To Schedule
Thursday, October 7 • 10:00 - 11:00
Brace for your next Race - Race conditions in Servlets and Controllers

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Race conditions are not an issue of the past nor a scenario that people can find themself in only when deciding to develop a multithreading architecture. In our day-to-day programming sessions, we probably deal with multithreading more than one may think. What about that simple Controller you wrote with just few lines of code? Could it be leaking customer data? MVC Controllers methods are, by default, executed in a multithreaded environment where it is crucial to understand when a variable will be accessed and how to synchronize access to shared resources. Failing to do so can have an impact on the security of your application and lead to issues that are difficult to reproduce. Here we will demonstrate a race condition on MVC controller and j2EE Servlet as introduction to a live coding session; we will discuss strategies that can be applied to mitigate the issue and conclude with a summary of how these methods can have an impact on the application’s performance and some other possible alternative

Speakers
avatar for Giuseppe Trovato

Giuseppe Trovato

Security Researcher, Veracode
Giuseppe has always been fascinated by many aspects of Information Security and chose to focus on software security when he joined Veracode in 2014. He has spent his time building stuff, helping developers with the identification of compensating controls and providing support for... Read More →


Thursday October 7, 2021 10:00 - 11:00 CEST
#5 Web Development