1. Cross-Site Request Forgery
“The Sleeping Giant of Website Vulnerabilities”
Jeremiah Grossman | WhiteHat Security | 04/09/08 | Session Code: HT1-20304

2. Jeremiah Grossman
– WhiteHat Security Founder CTO
– Technology R and industry evangelist
(Named to InfoWorld's CTO Top 25 for 2007)
– Frequent international conference speaker
– Co-founder of the Web Application
Security Consortium
– Co-author: Cross-Site Scripting Attacks
– Former Yahoo! information security officer

3. Focus on “custom web applications”
Vulnerability Stack
WhiteHat
Security
“well-known”
vulnerabilities
Symantec
Qualys
Nessus
nCircle