How to Prevent Account Takeover Attacks – John Chirhart – ASW #109

Sponsored By

Visit for more information!

Attackers are using methods such as password spraying and credential theft to commit fraud against websites at an alarming rate. Automated bots are aiding the attacker to conduct these operations at scale. Your defensive strategy should include a mechanism to determine if a session is being controlled by a real user or a bot. How can we best accomplish this without creating too much friction between the real users and your web applications?

To learn more about Google Cloud and reCAPTCHA, visit:
To register for our upcoming webcast with Google Cloud: for all the latest episodes!
Full Episode Show Notes

How to Prevent Account Takeover Attacks

To register for our upcoming webcast with Google Cloud:


John Kinsella
John Kinsella – Vice President of Container Security
Matt Alderman
Matt Alderman – CEO
Mike Shema
Mike Shema – Product Security Lead


John Chirhart
John Chirhart – Customer Experience Engineer


  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting and clicking the button to join the list!
  • Learn how hidden vulnerabilities lead to application compromise in our next webcast with Snyk! Our second June webcast will be with Google Cloud teaching you how to prevent account takeover attacks! Register for our upcoming webcasts or virtual trainings by visiting Or visit to view our previously recorded webcasts!