How to Prevent Account Takeover Attacks - John Chirhart - ASW #109
Security Weekly Podcast Network (Video) · Security Weekly Productions
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Attackers are using methods such as password spraying and credential theft to commit fraud against websites at an alarming rate. Automated bots are aiding the attacker to conduct these operations at scale. Your defensive strategy should include a mechanism to determine if a session is being controlled by a real user or a bot. How can we best accomplish this without creating too much friction between the real users and your web applications?
To learn more about Google Cloud and reCAPTCHA, visit: https://securityweekly.com/recaptcha
To register for our upcoming webcast with Google Cloud: https://attendee.gotowebinar.com/register/886342018982842384?source=ASW
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ASWEpisode109