On 14 March, PA Consulting Group’s Sumit Siddharth spoke at the world’s premier IT security event, Black Hat Europe 2012, focusing on the vulnerabilities associated with the programming language, XPATH 2.0.
Sumit is an expert in penetration testing and application and database security and an industry-renowned security researcher. He joined Tom Forbes from PA Consulting Group, who has been working on the XPATH project during recent months.
Sumit and Tom shared insights and experience around penetration testing by demonstrating advanced exploitation techniques and the resulting threats to businesses.
The talk provided a unique opportunity for attendees to gain in-depth knowledge about security vulnerabilities in XPATH 2.0. Attackers are obtaining confidential data from organisations by exploiting XPATH injection vulnerability and Sumit and Tom presented a number of real-life examples showing how attackers can do this.
To conclude, they released an innovative open-source tool that can be used to automate the exploitation of this vulnerability, helping you to establish whether your organisation is exposed to risks posed by an XPATH injection vulnerability under XPATH 2.0.
To find out more about how PA can help your organisation use the latest penetration testing techniques to improve its security and resilience in cyber space, please contact us now.