With more web applications using persistent logins and users keeping more applications open in browser tabs, Cross-Site Request Forgery (CSRF) is an attractive vulnerability for malicious actors to exploit. CSRF is one of the OWASP Top 10, and rightfully so. This talk will describe the vulnerability, show some examples (maybe demonstrate it, demo gods willing), and then show a few techniques to prevent and mitigate abuse.

Bio: Barry is a professional software developer with some professional experience, primarily as a web developer using C# and .Net, and he detangles JavaScript and SQL as needed. Barry is also a member of his local OWASP chapter in Bloomington, where he practices conference talks. In his free time, he plays video games and practices lockpicking with the Bloomington Fraternal Order of Locksport. You may have met him at the Lockpicking Villages of CircleCityCon or DerbyCon.
Copyright 2020, IronGeek