HTTP/1.1 Must Die: What This Means for AppSec Leadership
ATT&CK techniques detected
T1190Exploit Public-Facing Application
62%
"bounties from these techniques over just two weeks, proving that several major cdns were vulnerable, potentially compromising every one of their 24m customers ' web infrastructure. this only serves to highlight the prevalence and severity of the problem. for appsec leaders, this …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
61%
"center at black hat usa and defcon 2025, portswigger ' s director of research, james kettle, issued a stark warning : request smuggling isn ' t dying out, it ' s evolving and thriving. despite years of defensive efforts, new research unveiled by kettle proves that http request sm…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
59%
"http / 1. 1 must die : what this means for appsec leadership research academy my account customers about blog careers legal contact resellers attack surface visibility improve security posture, prioritize manual testing, free up time. ci - driven scanning more proactive security …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
At Black Hat USA and DEFCON 2025, PortSwigger's Director of Research, James Kettle, issued a stark warning: request smuggling isn't dying out, it's evolving and thriving. Despite years of defensive ef