Adventures in CSRFing: Sharks in the Tubes
Cross-Site Request Forgery (CSRF) has been around for a long time but has only recently gained attention. CSRF continues to be an issue that is misunderstood, mishandled, and improperly ranked. Many still do not realize the depth of the problem that CSRF poses. After all, this vulnerability can be either completely devastating or totally innocuous. CSRF is not just a problem for Internet facing web applications. These attacks can be used on local networks and even the localhost. This presentation covers some of the more interesting aspects of CSRF. Attacks, risk assessment, and mitigation will all be covered.
- Presenting
- Nathan Hamiel, Founder, Hexagon Security Group
- Channel
- Information Security
- Date
- Apr 16 2009
- Duration
- 2464
- Tags
- Application Security Summit
Flash is required to view this webcast/channel:
You need version 9.0.115.0 or later of the free Flash player from Adobe
to use this content.
To download and install the free player from Adobe's web site
click here.
