Defending against SSRF attacks (with help from our bug bounty program)


Over the past few years, server-side request forgery (SSRF) has received an increasing amount of attention from security researchers. With SSRF, an attacker can retarget a request to internal services and exploit the implicit trust within the network. It often escalates into a critical vulnerability, and in 2021 it was among the top ten web application security risks identified by the Open Web Application Security Project. At Dropbox, it’s the Application Security team’s responsibility to guard against and address SSRF in a scalable manner, so that our engineers can deliver products securely and with as little friction as possible.



首页 - Wiki
Copyright © 2011-2023 iteam. Current version is 2.118.1. UTC+08:00, 2023-10-04 14:10
浙ICP备14020137号-1 $访客地图$