Loading…
THE MUST ATTEND EVENT FOR CYBERSECURITY PROFESSIONALS
Thursday September 26, 2024 11:30am - 12:15pm PDT
In this 45 minute offensively focused presentation we dive into GraphQL secondary context attacks and business logic vulnerabilities exploited in real world assessments. Secondary context attacks in particular can access impactful API endpoints using GraphQL as the jumping off point. The impact from these issues when exploited can be significant including unauthorized access to data, the ability to modify other users accounts, cross-tenancy failures, and SSRF. 

This presentation is fresh material to this topic and does not rehash existing GraphQL exploitation discussions. If you are interested in GraphQL attacks, you should attend this talk.

Speakers
avatar for Willis Vandevanter

Willis Vandevanter

Senior Staff Security Researcher, Sprocket Security
With 14 years of experience in penetration testing, Will Vandevanter  keeps coming back to his original obsession — hacking web apps. He has  previously spoken at Blackhat, DEFCON, OWASP and a number of other conferences on web application security. He has also released popular... Read More →
Thursday September 26, 2024 11:30am - 12:15pm PDT
Room: Grand Ballroom
Feedback form is now closed.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link