$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

All Your Data Belongs to Us: How to Defend Against Credential Stuffing

  • Tuesday, April 02, 2019 at 10:30 AM EDT (2019-04-02 14:30:00 UTC)
  • Johannes Ullrich, PhD

You can now attend the webcast using your mobile device!



All data has been stolen. Attackers are routinely sharing datasets with billions of credentials to attack web sites. These attacks have evolved beyond simple password reuse. Attackers will use rich datasets with personal information like phone numbers, addresses and social security numbers to either take over or establish accounts. We will discuss what datasets are commonly available to attackers, how they are using them and how to defend against these attacks. Defenses against these attacks are complex in part because they need to carefully balance risk and business needs.

Speaker Bio

Johannes Ullrich, PhD

As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida. He also enjoys blogging about application security tips.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.