Explore the evolution of Cross-Site Request Forgery (CSRF) attacks in this comprehensive 52-minute conference talk from NDC Security in Oslo. Delve into the history, current state, and future trends of CSRF attacks, including the emerging threat of Cross-Origin Request Forgery against API-based applications. Learn about modern defense mechanisms, such as SameSite cookies, and understand their limitations in addressing new attack variations. Gain insights into the attack patterns, their impact on applications, and how typical defenses work to mitigate these threats. Discover the vulnerabilities of API-based applications to CSRF attacks and learn best practice defenses for APIs. Walk away with a solid understanding of CSRF attacks, the conditions that make applications susceptible, and effective strategies to prevent CSRF attacks in your software development projects.
The Past, Present, and Future of Cross-Site and Cross-Origin Request Forgery
Overview
Syllabus
The Past, Present, and Future of Cross-Site/Cross-Origin Request Forgery - Philippe De Ryck
Taught by
NDC Conferences
Related Courses
-
The Past, Present, and Future of Cross-Site - Cross-Origin Request Forgery
-
The Past, Present, and Future of Cross-Site - Cross-Origin Request Forgery
-
Learn About CSRF Attacks
-
Cross Site Request Forgery (CSRF) Prevention for ASP.NET Core and ASP.NET Applications
-
Session Management Testing with Burp Suite
-
Specialized Testing: CSRF
