The slide deck from my OWASP Austin talk about Cross Site Request Forgery (CSRF) is up online. If anyone is interested in the Java-based examples I used just drop me an email and I can send them along.
dan _at_ denimgroup.com
About Dan Cornell
A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform. More Posts by Dan Cornell