Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Book Hotel click HERE
Back To Schedule
Friday, September 27 • 1:45pm - 2:30pm
The State of Credential Stuffing and the future of Account Takeovers

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Credential Stuffing has existed since the first leaked password but has exploded in the past 3 years. Why? What has changed and where does it go from here? The tools that enable credential stuffing attacks and other OWASP Automated Threats are converging on a single strategy, the complete imitation of user behavior and characteristics – real user behavior on real devices on real home networks. This level of extreme mimicry makes discerning good from bad difficult and the web is having a hard time keeping up. This level of sophistication is not cheap and is only possible because the cost vs value of modern credential stuffing attacks is weighted dramatically in an attacker's favor. This session will go over the modern attack landscape, the cost of an attack, the value of stolen accounts, and makes predictions about where attacks go from here.

avatar for Jarrod Overson

Jarrod Overson

Director, F5
Jarrod is a Director of Engineering at Shape Security where he led the development of Shape's Enterprise Defense. Jarrod is a frequent speaker on modern web threats and cybercrime and has been quoted by Forbes, the Wall Street Journal, CNET among others. He’s the co-author of O’Reilly’s... Read More →

Friday September 27, 2019 1:45pm - 2:30pm CEST