CSRF Attack & Defense presented at BsidesROC 2016

by John N. King

Summary: Cross-site request forgery vulnerabilities are often poorly understood and considered a low priority, making them strong candidates for exploitation. This session will feature an attack demonstration against a web application that utilizes a Java stack, followed by a defense demo using OWASP CSRFGuard.