A good resource for those interested in the benefits of deploying a SOA Gateway. This is hands-on
demonstration of attack vectors for SOA and Web Services and implementation of defense strategies using a SOA Gateway. Techniques include live examples of:
- SOAP based SQL Injection Attack
- Denial of Service Web Service Attack
- XSD Mutation
- Identity Discovery
Attack vectors are demonstrated using Crosscheck Networks SOAPSonar testing and diagnostics product and each attack is explained and mapped to the published CAPEC:
Common Attack Pattern Enumeration and Classification system.
The Forum Systems Sentry SOA Gateway is shown as the central defense mechanism for back-end services with live data transaction examples and defensive actions.
View the demonstration
here.
