Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cross-Site Request Forgery - RSA (04.09.2008)

Cross-Site Request Forgery: The Sleeping Giant of Website Vulnerabilities - During the past several years, the same web attack has been discovered, analyzed and renamed. Whatever it's called, it means an attacker is compromising an array of website accounts. CSRF vulnerabilities are exploited across the web because it’s easy and most websites are susceptible. This session will describe CSRF and offer technical demonstrations and solutions to stop this threat.

  • Login to see the comments

Cross-Site Request Forgery - RSA (04.09.2008)

  1. 1. Cross-Site Request Forgery “The Sleeping Giant of Website Vulnerabilities” Jeremiah Grossman (founder CTO) WhiteHat Security HT1-203 04.09.2008 © 2008 WhiteHat Security, Inc.
  2. 2. 2 Jeremiah Grossman WhiteHat Security Founder CTO Technology R and industry evangelist (Named to InfoWorld's CTO Top 25 for 2007) Frequent international conference speaker Co-founder of the Web Application Security Consortium Co-author: Cross-Site Scripting Attacks Former Yahoo! information security officer © 2008 WhiteHat Security, Inc.