Automated Account Takeover - The Rise of Single Request Attacks

Explore the rise of single request attacks in account takeovers through this 49-minute conference talk from AppSecCali 2019. Delve into real-world case studies showcasing how attackers scale automated account takeovers using sophisticated techniques like headless browsers, JavaScript execution, and dynamic fingerprinting. Examine the limitations of traditional mitigation strategies and understand the growing incentives for attackers across various industries. Learn about tested pathways for preventing and mitigating single request attacks, and gain insights from Kevin Gosschalk, Founder and CEO of Arkose Labs, on distinguishing between computers and humans on the Internet. Cover topics including eye nerve mapping, the Kinect, fingerprinting, ITIN telemetry, photo image challenges, and specific examples from industries such as ticketing, gift cards, and credit cards.