tag:blogger.com,1999:blog-732257695511948254.post6458272097950349033..comments2022-11-09T05:58:31.969-08:00Comments on Nibble Security: Fixing Java Serialization Bugs with SerialKillerClaudio Criscionehttp://www.blogger.com/profile/12202628660778574382noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-732257695511948254.post-26842274857779391342015-11-14T19:10:40.871-08:002015-11-14T19:10:40.871-08:00We just released a different solution to this prob...We just released a different solution to this problem. It's free and open source. Contrast-rO0 is a lightweight Java agent that uses instrumentation to block attacks targeting object deserialization problems like those described above.<br /><br />This approach is the only way to protect your *entire* application because the problem can exist in libraries or frameworks. Rather than re-architecting your entire messaging infrastructure, this agent absolutely prevents this vulnerability from being exploited.<br /><br />https://github.com/Contrast-Security-OSS/contrast-rO0jwilliamshttps://www.blogger.com/profile/16837701522866491602noreply@blogger.com