Secure Guardrails Fundamentals: External Entity Injection

September 26th, 2024

For many organizations, secure guardrails seem like an aspirational dream, but what if your team could implement them today? Listen to this workshop series on Secure Guardrails and learn how you can secure your applications against External Entity Injection (XXE) attacks.

You should listen to this workshop if:

  • You’re a security engineer or member of the security community who is passionate about working with developers

  • You’re passionate about enabling developers to fix issues that matter to the organization

  • You are interested in writing and modifying Semgrep rules to protect against XXE attacks

After this workshop, you’ll know:

  • Why you should prioritize External Entity Injection attacks and when they represent a major risk to your app

  • How to address whole bug classes with a paved road approach

  • How to create and enforce secure guardrails with custom Semgrep rules

  • How to automate remediation guidance with Semgrep Assistant

Prerequisites:

  • A Semgrep Cloud Platform account

Jason Kinsfather
Semgrep
Solutions Engineer