Synopsis

In a discussion focused on Cross Site Request Forgery (CSRF), explore the trust vulnerability and walk through a demonstration of the exploit in action. Understand how these attacks happen and what they look like from the perspective of both victim AND attacker.

Walk away with a grasp on the security implications of this weakness as well as understanding why the attack is possible and what steps should be done to prevent it. This session is a 45 minute demo with a 15 minute Q&A after. It is an advanced technical session intended for technicians, engineers, and developers with interest in web application security.

Bio
A vulnerability researcher, penetration tester, and social engineer, I am a professional breaker. A parent, biker, and security professional, I find my skillset constantly adapting to the most current techniques. A penetration tester and vulnerability researcher based in Columbus, Ohio, I have performed security assessments for clients ranging from financial institutions, e-commerce, telecommunications, manufacturing, education and government agencies, as well as international corporations. I focus on epitomizing the attackers in the wild in hopes of helping organizations and individuals understand how to avoid being victimized. My talks tend to be engaging, full of energy, and dynamic to meet the expectations of the audience.