Overview
Explore the evolution of Cross-Site Request Forgery (CSRF) attacks and defenses in this comprehensive 52-minute conference talk from NDC Security in Oslo. Delve into the history of CSRF attacks, examine current defense mechanisms including SameSite cookies, and investigate emerging threats like Cross-Origin Request Forgery in API-based applications. Gain a thorough understanding of CSRF attack patterns, their impact on applications, and the limitations of typical defense strategies. Learn best practices for protecting APIs against CSRF vulnerabilities and walk away with the knowledge to effectively mitigate these attacks in modern web applications.
Syllabus
The Past, Present, and Future of Cross-Site/Cross-Origin Request Forgery - Philippe de Ryck
Taught by
NDC Conferences