I’ve had the chance to speak about Java Deserialization Vulnerabilities at the OWASP AppSecEU conference in Rome.
Enjoy the video: