In 2020, Chrome will default the SameSite attribute to Lax on all cookies. SameSite helps mitigate CSRF, but does that mean CSRF is Dead?
For more info go to https://www.developsec.com or follow us on twitter (@developsec).
Join the conversations.. join our slack channel. Email firstname.lastname@example.org for an invitation.
DevelopSec provides application security training to add value to your application security program. Contact us today to see how we can help.