
Highlights from the 2021 RSA conference - Attack and defend a unique approach to exploiting credentials

Blog post from GitGuardian

Post Details
Author: Mackenzie Jackson
Word Count: 556
Company Posts That Month: 6
Language: English
Hacker News Points: -
Post removed?: No
Summary

The RSA conference presentation by Johannes Ullrich and Jason Lam explored the vulnerabilities and defenses associated with modern distributed applications, emphasizing the potential for sophisticated attackers to exploit authentication tokens. Using a unique role-play format, Lam demonstrated how an attacker could manipulate their own legitimate authentication token (specifically a bearer token) to access sensitive information, bypassing security controls and extracting data with tools such as curl and jwt.io. This approach highlighted that attackers do not necessarily need leaked or stolen credentials to compromise systems, because they can exploit their own tokens to gain unauthorized access. Ullrich, playing the defender, provided insights into strategies for mitigating such attacks, illustrating the dynamic interplay between offensive and defensive cybersecurity tactics.

Trends Found in this Post
Trend: Secrets Management
Post Mentions: 1
Total Month Mentions: 449
Posts: 53
Companies: 30
MoM: -56%