Featured resource
pluralsight tech forecast
2025 Tech Forecast

Which technologies will dominate in 2025? And what skills do you need to keep up?

Check it out
Hamburger Icon
  • Course
    • Libraries: If you want this course, consider one of these libraries.
    • Security

Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities

This course will teach you what XML External Entity vulnerabilities are, how they are exploited, how you can identify the vulnerabilities in your code, and how you can protect your code against exploitation.

Peter Mosmans - Pluralsight course - Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities
by Peter Mosmans

What you'll learn

The OWASP Top 10 2017 contains a new entry; XML External Entities (XXE). As not many people know what this vulnerability is, it can be difficult to prevent against. In this course, Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities, you will learn what this vulnerability is, how it ended up in the latest OWASP Top 10, how you can identify it in your code, and how to protect against it. First, you will discover the impact of a successful XML External Entity attack. Next, you will explore how to identify risky parts in your code base. Finally, you will learn how to mitigate against vulnerabilities. By the end of this course, you will be familiar with the risk that XML External Entities pose.

Table of contents

About the author

Peter Mosmans - Pluralsight course - Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities
Peter Mosmans

Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. Since 2004, he started specializing in pentesting complex and feature-rich web applications. Currently, he leads a global team of highly skilled and enthusiastic penetration testers as lead pentester.

More Courses by Peter