Application security, Managed services, Threat intelligence

How to Prevent Account Takeover Attacks – John Chirhart – ASW #109

Attackers are using methods such as password spraying and credential theft to commit fraud against websites at an alarming rate. Automated bots are aiding the attacker to conduct these operations at scale. Your defensive strategy should include a mechanism to determine if a session is being controlled by a real user or a bot. How can we best accomplish this without creating too much friction between the real users and your web applications?

To learn more about Google Cloud and reCAPTCHA, visit: https://securityweekly.com/recaptcha

To register for our upcoming webcast with Google Cloud: https://attendee.gotowebinar.com/register/886342018982842384?source=ASW

Sponsored By

Google Cloud
Full episode and show notes

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

John Chirhart
John Chirhart
Customer Experience Engineer at Google Cloud

John is an Engineer on Google Cloud Security’s User Protection Services (UPS) Team. He specializes in developing capabilities and solutions to detect and mitigate automated attacks against web applications and infrastructure. John first joined Google as part of Chronicle, a Google Moonshot Factory Graduate. He’s an information security and compliance veteran with 18+ years of experience.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
John Kinsella
John Kinsella
Co-founder & CTO at Cysense
Matt Alderman
Matt Alderman
VP, Product at Living Security
Mike Shema
Mike Shema
Security Partner at Square
prestitial ad