Wednesday, February 24, 2010

Speaking at the RSA 2010 Conference about XML - the soft underbelly of the Cloud

Next week at the RSA Conference in San Francisco I am speaking about XML security, a topic which has renewed importance because XML is used as the basis for so many Cloud interfaces.

In the talk, I cover XML vulnerabilities related to the Xerces parser, and also explain how techniques such as CDATA smuggling can be used to pass malicious content through XML interfaces. I present an example of one such interface, which allows CDATA-masked XML through to a Cloud SaaS provider.

If you're at RSA, give me a shout!