Authors: Felipe Zipitria, Juan Pablo Tosso
2023-02-15

tldr - powered by Generative AI

The presentation discusses the importance of web application firewalls (WAFs) in cybersecurity and the benefits of using the open-source WAF, Coraza. The speaker emphasizes the need for companies to embrace API security and the new internet, and highlights the challenges of handling SQL injection and cross-site scripting attacks. The presentation also showcases the Coraza playground, a tool for debugging and testing web applications.
  • WAFs are crucial in protecting against cyber threats such as SQL injection and cross-site scripting attacks
  • Coraza is an open-source WAF that offers active development and easy customization through customer support
  • API security and the new internet must be embraced by companies
  • Handling SQL injection and cross-site scripting attacks is challenging due to the variety of SQL dialects and HTML syntax
  • The Coraza playground is a useful tool for debugging and testing web applications

Authors: David Senecal
2022-11-17

Fraudsters attack websites for profit and to make a living. As a basic principle, it requires that the income they generate from their attack is at least higher than their cost but also ideally enough to sustain their lifestyle. In this talk, I'll share my research focusing on understanding the potential net income for fraudsters who specialize in credential stuffing attacks against sites from different industries protected with different types of technologies. We'll take the point of view of the attacker and look at the infrastructure and software they must develop, deploy, and maintain to successfully attack sites that are protected with a Web Application Firewall (WAF), a bot management product, or an advanced fraud detection product. In conclusion, we'll compare and contrast which solution is most effective in destroying the attacker's economic incentive and forcing them to stop.

This research is based on facts collected on the dark web, Telegram, Discord, and other social media platforms where fraudsters regularly exchange information, as well as the attack traffic I observed while working for Arkose Labs.