
Understanding the security risk from XPATH 2.0 - PA at Black Hat Europe 2012

On 14 March, PA Consulting Group’s Sumit Siddharth spoke at the world’s premier IT security event, Black Hat Europe 2012, focusing on the vulnerabilities associated with the programming language XPATH 2.0.

Sumit is an expert in penetration testing and application and database security and an industry-renowned security researcher. He joined Tom Forbes from PA Consulting Group, who has been working on the XPATH project during recent months.

Sumit and Tom shared insights and experience around penetration testing by demonstrating advanced exploitation techniques and the resulting threats to businesses. 

The talk provided a unique opportunity for attendees to gain in-depth knowledge about security vulnerabilities in XPATH 2.0. Attackers are obtaining confidential data from organisations by exploiting XPATH injection vulnerabilities, and Sumit and Tom presented a number of real-life examples showing how attackers can do this.

To conclude, they released an innovative open-source tool that can be used to automate the exploitation of this vulnerability, helping you to establish whether your organisation is exposed to risks posed by an XPATH injection vulnerability under XPATH 2.0.

To find out more about how PA can help your organisation use the latest penetration testing techniques to improve its security and resilience in cyber space, please contact us now.

Nick Newman
Defence and security
Ritu Sharma
Defence and security