Denial of Service isn't sexy. It isn't the mysterious shell code that when sent into a program magically turns it into a root shell. It's the ugly red headed step child of infosec because everyone knows how it works. Some attacker sends a ton of traffic into your application and it goes down. That's the end of the story right?
Wrong. Sure that's how the most "glamorous" DDoS attacks that hit the newspaper work, but with modern applications using REST Services, 3rd party libraries, and commercial API services a new scary type of DoS is quickly gaining in popularity. The Financial DoS. The one attack where the goal ISNT to disrupt the availability of your application through technical overload. The goal with a Financial DoS is to completely use up your company's budget. This is the attack that really costs.
In this session, we will discuss exactly what this attack is, how it works, and most importantly how development teams can architect this problem away.
