Presentation: How Much Does It Cost to Attack You?

Track: Trust, Safety, & Security

Location: Soho Complex, 7th fl.

Duration: 5:25pm - 6:15pm

Day of week:

Slides: Download Slides

This presentation is now available to view on

Watch video with transcript


How much does it cost to attack you and what are attackers getting out of it?   Attacks, breaches, exploits, and malware are nearly a daily occurrence. Why aren’t billion-dollar products solving the problems we’ve had for decades? The problem is two-fold, attacks are getting cheaper to perform and the value of an attack is increasing daily. This is leading to increasingly sophisticated tools attacking platforms that have not kept up.  

In this session, Jarrod will describe the cost vs value justification of an attack, how it shifts over time, and why it means that silver bullets just don’t exist. We’ll walk through the evolution of one of the cheapest modern attacks, credential stuffing, and see what attackers do after they have data and access.

Attackers are clever fraudsters, when you see how cheap it is to exploit you and how much value they wring out of your data it will help you prioritize better protection for yourself and in the software you write.

Speaker: Jarrod Overson

Software Engineer @ShapeSecurity

Jarrod is a Director of Engineering at Shape Security where he led the development of Shape's Enterprise Defense. Jarrod is a frequent speaker on modern web threats and cybercrime and has been quoted by Forbes, the Wall Street Journal, CNET among others. He’s the co-author of O’Reilly’s Developing Web Components, creator of Plato, a static analysis tool for web applications, and frequently writes and records topics about reverse engineering and automation.

Find Jarrod Overson at

Similar Talks