AppSecCali 2019 - Browser fingerprints for a more secure web - Julien Sobrier & Ping Yan
Browser fingerprints can be used to invade users' privacy by tracking them across websites. But they can also be used to protect users against account takeovers. At Salesforce, we have successfully deployed browser fingerprints to detect session roaming. We have build a machine learning model to detect anomalies in changes in the browser and device configuration. This model has successfully detected actual session takeover. This talk will explain how browser fingerprints can be used, how to collect data in the background and how to model unusual changes.
Speakers
Julien Sobrier
Lead Security Product Owner, Salesforce
Julien Sobrier has spent 10+ years in the Security industry, as a Security Researcher at Netscreen/Juniper and Zscaler, then Product Manager at Zscaler and now Product Security Owner at Salesforce. He as co-author Power Security Tools (O'Reilly) and released many browser security.
Ping Yan
Research Scientist, Salesforce
Ping spent a decade innovating ways of making sense of data in various domains, from consumer behavior modeling to algorithmic security threat detection. Her works were published as journal articles, monographs and books. Ping has a Ph.D. in Management Information System.
-
Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...