DiscoverDevelopSec: Developing Security AwarenessEp. 115: Is CSRF Really Dead?
Ep. 115: Is CSRF Really Dead?

Ep. 115: Is CSRF Really Dead?

Update: 2019-11-06
Share

Description

In 2020, Chrome will default the SameSite attribute to Lax on all cookies. SameSite helps mitigate CSRF, but does that mean CSRF is Dead?

For more info go to https://www.developsec.com or follow us on twitter (@developsec).

Join the conversations.. join our slack channel. Email james@developsec.com for an invitation.

 DevelopSec provides application security training to add value to your application security program. Contact us today to see how we can help.

Send us a text

For more info go to https://www.developsec.com or follow us on X (@developsec).

The DevelopSec podcast is brought to you by Jardine Software Inc.

Comments 
loading
In Channel
Ep. 124: Double-ClickJacking

Ep. 124: Double-ClickJacking

2025-02-2421:07

Ep. 123: Goals of Security Culture - Sort of?

Ep. 123: Goals of Security Culture - Sort of?

2025-02-1807:56

Ep. 122: Integrating Security Responsibilities into Development

Ep. 122: Integrating Security Responsibilities into Development

2025-02-1018:04

Ep. 121 - Evolving Ransomware: Unique Tactics for Payment

Ep. 121 - Evolving Ransomware: Unique Tactics for Payment

2024-05-0717:44

Ep. 120: Addressing Root Cause - Vulnerable Components

Ep. 120: Addressing Root Cause - Vulnerable Components

2023-01-3116:30

Ep. 119: Risks of SpellCheck

Ep. 119: Risks of SpellCheck

2023-01-1912:35

Ep. 118: Log4J Sparking Thought on Vulnerable Components

Ep. 118: Log4J Sparking Thought on Vulnerable Components

2021-12-1924:27

Ep. 117: How Browsers are Helping with Security

Ep. 117: How Browsers are Helping with Security

2020-02-0913:49

Ep. 116: Chrome Retires XSS Auditor

Ep. 116: Chrome Retires XSS Auditor

2019-11-1514:07

Ep. 115: Is CSRF Really Dead?

Ep. 115: Is CSRF Really Dead?

2019-11-0615:09

Ep. 114: Investing in People for Better Application Security

Ep. 114: Investing in People for Better Application Security

2019-10-2924:37

Ep. 113: What is your mother's maiden name?

Ep. 113: What is your mother's maiden name?

2019-05-2821:00

Ep. 112: Application Fingerprinting

Ep. 112: Application Fingerprinting

2019-01-2221:04

Ep. 111: Authentication Alerts

Ep. 111: Authentication Alerts

2019-01-1416:07

Ep. 110: Implementation Matters

Ep. 110: Implementation Matters

2019-01-0719:17

Ep. 109: 2018 Reflection

Ep. 109: 2018 Reflection

2019-01-0227:26

Ep. 108: Dunkin Donuts Breach, Maybe??

Ep. 108: Dunkin Donuts Breach, Maybe??

2018-12-1218:25

Ep. 107: Credential Stuffing

Ep. 107: Credential Stuffing

2018-11-0918:36

Ep. 106: Facebook Breach Take-aways and Insights

Ep. 106: Facebook Breach Take-aways and Insights

2018-10-0431:18

Ep. 105: Interview with Eric Johnson

Ep. 105: Interview with Eric Johnson

2018-09-2057:11

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Ep. 115: Is CSRF Really Dead?

Ep. 115: Is CSRF Really Dead?

Jardine Software Inc.