Cloud Security Researcher
Erick Galinkin is a Cloud Security Researcher at Netskope, specializing in offensive security and machine learning. He was previously at both Optiv and Cisco Talos Group in various roles. He also conducts research in applied mathematics at Johns Hopkins University, working in the fields of theory of computation, analytic number theory, and harmonic analysis.
CORS (Cross-Origin Resource Sharing) is a mechanism that uses HTTP headers to explicitly permit cross-origin HTTP requests, effectively bypassing any existing same-origin policy. Unfortunately, CORS misconfigurations are extremely common and have led to bugs in Bitcoin exchanges, social media platforms, and even popular IDEs. In this presentation, we demonstrate how CORS misconfigurations can happen, […]