Erick Galinkin

Cloud Security Researcher

Erick Galinkin is a Cloud Security Researcher at Netskope, specializing in offensive security and machine learning. He was previously at both Optiv and Cisco Talos Group in various roles. He also conducts research in applied mathematics at Johns Hopkins University, working in the fields of theory of computation, analytic number theory, and harmonic analysis.

Of CORS That’s a Thing: How CORS in the Cloud Still Kills Security

Boole Room

CORS (Cross-Origin Resource Sharing) is a mechanism which uses HTTP headers to explicitly permit cross-origin HTTP requests, effectively bypassing any existing same-origin policy. Unfortunately, misconfigurations of CORS are extremely common and have led to bugs in bitcoin exchanges, social media platforms, and even popular IDEs. In this presentation, we demonstrate how CORS misconfigurations can happen, […]