Aditya Balapure - Team Lead, Information Security, Grubhub
Authentication has been a major pillar that has determined the security health of the public web. Not surprisingly it has also been one of the most common targets of attackers and how they have grown as a community. As an industry, we have moved towards better privacy practices, encryption in transit and better authentication technologies but at the same time the attackers have constantly kept pace with these changes. In this presentation we’ll discuss how attackers have abused Transport Layer Security (TLS) certificate trust and are using more distributed ways including using botnets, IoT devices and cloud servers to target web authentication.