CSRF (Cross-Site Request Forgery)
An attack that forces authenticated users to submit requests they did not intend, exploiting the trust a site has in the user's browser.
Related Application Security terms
OWASP
The Open Web Application Security Project — a nonprofit foundation focused on improving software security.
SAST (Static Application Security Testing)
A testing methodology that analyzes source code for security vulnerabilities without executing the program.
DAST (Dynamic Application Security Testing)
A testing methodology that analyzes running applications for vulnerabilities by simulating external attacks.
DevSecOps
An approach that integrates security practices within the DevOps process throughout the software development lifecycle.