Loading…
← Back to schedule
SameSite... Or Not? Exploring novel bypasses for SameSite cookie protections
Monday June 1, 2026 4:00pm - 4:20pm PDT
Track 3 - AppSec Track - Room 1420/1430 - Sponsored by Google Cloud Security - Hosted by OWASP
SameSite cookies are often relied upon too heavily to prevent cross-site request forgery, yet, due to browser implementations, they can be included in unexpected requests. This talk demonstrates novel bypass techniques, including a Chrome CVE discovered during while researching these methods. Attendees  will gain an understanding of the impacts on real-world applications, and how to protect against these attacks.
Speakers
avatar for Vincent Dragnea

Vincent Dragnea

Application Security Consultant, Forward Security
Vincent is an application security consultant at Forward Security. He has 7 years of experience as a security researcher, since making the leap to cybersecurity from a software development background. Always eager to learn more, and OSWE-certified, Vincent loves to find creative exploits... Read More →
Monday June 1, 2026 4:00pm - 4:20pm PDT
Track 3 - AppSec Track - Room 1420/1430 - Sponsored by Google Cloud Security - Hosted by OWASP 515 W Hastings St, Vancouver, BC V6B 5K3, Canada
  Talk
Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Meeting Planning Software Privacy Terms
Share Modal

Share this link via

Or copy link