Software and Data Integrity Failures

Select Reports > Portal > Repository > Standard Content > OWASP > A 8 - Software and Data Integrity Failures.

Deserialization is a common process in which a website or application takes data from a file, stream, or network and rebuilds it into an object. The serialized objects might be represented in JSON, XML, or YAML. Untrusted, or insecure, deserialization occurs when the application deserializes data that a user can control. Malicious users can use that data to abuse the logic of the application, initiate denial-of-service or injection attacks, or execute harmful code when the data is deserialized. The user could even replace a serialized object with objects of a different class.

Dashboards

Reports

Deserialization Flaws
Lists the hosts with the most deserialization flaws.

Deserialization Flaws Overview
Provides charts and a table to help you identify the top hosts, the top deserialization flaws, and the flaws found over time. You can view the flaws by agent severity and risk indicator.