Threat hunting in the browser
Luke Jennings
44CON 2024 · Day 1 · Main
In this compelling talk, Luke Jennings, VP of R&D at Push Security, articulates a fundamental shift in the cybersecurity landscape: the transition from network and endpoint-centric defenses to an **identity perimeter**. Jennings argues that traditional security tools, such as Endpoint Detection and Response (EDR) solutions and network proxies, are increasingly ill-equipped to combat the rise of **identity attacks**, which now represent the primary vector for breaches. These modern threats often bypass the operating system and network layers, instead targeting user identity and directly interacting with applications through the browser.
AI review
Jennings delivers a technically grounded, demo-heavy talk that correctly identifies the browser as an underutilized defensive vantage point and backs it up with working code and live attack chains — not slides full of vendor diagrams. The framing as 'EDR for the browser' is a clean conceptual contribution, and the SAML jacking / ghost login demonstrations add genuine operational color that most identity-security talks skip entirely.