Never be caught tongue-tied in an Application Security Engineer Interview. In this video Abhay Bhargav explores the popular Security Engineer Interview question from Glassdoor and Indeed "What is XXE?" #XXE is a key vulnerability in OWASP (Open Web Application Security Project) Top 10 and is a serious vulnerability that can have devastating impacts against your Web Application or Web Service. XXE can result in Local-File Include, Remote File Include, Remote Code Execution, Server-Side Request Forgery or #SSRF and Denial of Service. Abhay explores XXE in the form of an offensive and defensive demo directly from AppSecEngineer's Learning Path "Application Security" AppSecEngineer is a powerful training platform that delivers amazing hands-on training on AppSec, AWS Security, Cloud Security, Kubernetes, Container Security and Advanced Application Security. #AppSecEngineer is ideal for jobseekers, knowledge seekers and companies that want to get their workforce equipped to handle real-world security issues with their newly minted and highly educated AppSec Engineers Content of this video 0:00- Intro 0:18- What is XML external entities 02:18- XML DTD 03:17- XXE- Remote code execution 04:17 -XXE SSRF 05:27- XXE interactive lab demo 15:30- Like and subscribe Learn more about XXE at https://appsecengineer.com/application-security-courses/ Twitter: https://twitter.com/AppSecEngineer Linkedin: https://linkedin.com/company/AppSecEngineer ... https://www.youtube.com/watch?v=vmQsCVg9AzQ

Get ready for the AI takeover! Join us on the frontlines of AI Security, where hackers harness AI models to create a new wave of cyber threats. Explore the AI & LLM Security collection on @AppSecEngineer! https://www.appsecengineer.com/ai-llm-security-collection #Cybersecurity #AI #Infosec #GenAI #training #AISecurity ... https://www.youtube.com/watch?v=SUnC_4OltpQ

Learn more at: https://www.appsecengineer.com/developers When developers write insecure code, they're wasting both time and resources. Insecure code means more vulnerabilities, which means more hours wasted on remediation. You can't ignore security, but you want to build faster. What's the solution? Secure code training. Leaders, project managers, and developers all over the world agree on one thing: secure coding is a priority. In order to save time, avoid rework, and build better products, companies need to train their developers in skills that can transform their business. Learn how to never ship a bad line of again with AppSecEngineer: https://www.appsecengineer.com/developers Understand how AppSecEngineer can get your entire product team competent in 8 domains of AppSec: https://www.appsecengineer.com/main-menu-pages/teams #developer #aws #devsecops #security #appsecengineer #applicationsecurity #securitytraining ... https://www.youtube.com/watch?v=ZJGRyvD3P60

It's the last day of Cybersecurity Awareness Month! Today we're learning about TLS encryption, and the 7-step 'handshake' between the client and server before they begin communicating securely. Learn more about cryptography and secrets management through hands-on labs and challenges on AppSecEngineer. DevSecOps Bundle - https://checkout.appsecengineer.com/devsecops-security-specialist AppSecEngineer For Businesses: https://www.appsecengineer.com/business-pricing AppSecEngineer For Individuals: https://www.appsecengineer.com/main-menu-pages/pricing #SecureOurWorld #cybersecurity #CybersecurityTraining #appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning #StaySafeOnline #DevSecOps #encryption #cryptography #tls ... https://www.youtube.com/watch?v=6KnboEhzc94