The insecure deserialization protection is now available to all PHP applications with agent version >= 1.23.0 .
Insecure deserialization occurs when unsanitized user inputs are processed through a deserialization function.
Insecure Deserialization results in code being loaded and executed through object instantiation and autoloading An attacker could exploit it in order to manipulate the code execution flow or run their own code, leading to Remote Code Execution (RCE).
Sqreen will detect attempts to exploit insecure deserialization vulnerabilities and prevent object injections in the context of the protected HTTP request.
Enable the RASP protection from your Dashboard
PHP update instructions are available in the docs
If you have any questions or feedback, we'd love to hear about it. Let us know via the chat button or send us an email at email@example.com