Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a critical security analysis of JavaScript applications in cloud computing environments in this 28-minute Black Hat conference talk. Delve into the vulnerabilities of JavaScript as Input (JAI) applications across four key deployment scenarios, understanding their operational methodologies and strategic significance. Learn about the security challenges posed by outdated versions, uniform software configurations, and the black-box nature of these applications. Discover how Large Language Models (LLMs) can be leveraged to overcome identification difficulties in vulnerability assessment. Witness practical demonstrations of zero-day exploits leading to Remote Code Execution (RCE) in major cloud platforms including AWS, Azure, and headless browser services, complete with exploitation tactics and post-exploitation strategies. Gain valuable insights into comprehensive defensive measures to protect cloud computing environments from JavaScript vulnerabilities, presented by security researchers and engineers from Imperial, EagleCloud, Nanyang Technological University, and the Chinese Academy of Sciences.
