A podcast series from MIT Professional Education in collaboration with Accenture Solutions

CSRF: The Sleeping Giant
[MP3, 12 minutes]
Cross-site request forgery has been called a sleeping giant. Although it's not the most common of security vulnerabilities, it's gaining in prominence and is much harder to plug than more common vulnerabilities such as cross-site scripting and SQL injection. In this podcast, I explain how CSRF works, what strategies are typically used to deal with it, and why it remains an unsolved problem. [December 2011]


These podcasts are written and read by Daniel Jackson. The views expressed do not necessarily reflect those of MIT or Accenture. All similarities to real people (or software), living or dead, are coincidental. No animals or software developers were harmed in this production.

Introductory music used with kind permission of Chris Breemer via the Piano Society.

Copyright 2011-2012, Daniel Jackson