Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Everything You Wanted to Know About Client-Side CSRF But Were Afraid to Ask

OWASP Foundation via YouTube

Start learning Write review
Corporate Finance Institute Ad

35% Off Finance Skills That Get You Hired - Code CFI35

Learn More → Scrimba Ad

Our career paths help you become job ready faster

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the intricacies of Client-side Cross-Site Request Forgery (CSRF) in this comprehensive 54-minute conference talk by Soheil Khodayari, presented by the OWASP Foundation. Delve into the problem statement, static analysis techniques, and detection challenges associated with client-side CSRF. Learn about the JAW data collection method, Hybrid Property Graphs (HPGs) as building blocks, and their role in symbolic models and semantic types propagation. Examine vulnerability analysis techniques, evaluation of forgeable requests, and gain insights into JAW's scalability and performance. Enhance your understanding of CSRF security concerns and mitigation strategies in web applications.

Syllabus

Intro
Cross-Site Request Forgery (CSRF)
Client-side CSRF: Problem Statement
Static Analysis (to the Rescue)
Static Analysis (Cont'd)
Client-side CSRF: Exemplifying Detection Challenges
Other General Challenges for CSRF
JAW: Data Collection
Hybrid Property Graphs (HPGs): Building Blocks
HPGs: Symbolic Models and Semantic Types Propagation
Vulnerability Analysis
Evaluation: Forgeable Requests
JAW: Scalability and Performance

Taught by

OWASP Foundation

Reviews

Start your review of Everything You Wanted to Know About Client-Side CSRF But Were Afraid to Ask

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.