Eric Woodruff
Chief Identity Architect at Semperis and cybersecurity expert focused on identity and authentication risks, presenting research on NoAuth abuse and account takeover.
Best podcasts with Eric Woodruff
Ranked by the Snipd community
23 snips
Aug 2, 2025 • 24min
nOAuth-ing to see here. [Research Saturday]
Eric Woodruff, Chief Identity Architect at Semperis, dives into the critical nOAuth authentication flaw affecting SaaS applications. He reveals how this vulnerability allows attackers to impersonate users with just an email address, leading to potential data breaches. The discussion highlights the urgent need for SaaS vendors to adopt more secure OpenID Connect practices. Woodruff also shares insights on the challenges of securing Active Directory and the complexities surrounding responsible disclosure in the tech industry.
Dec 22, 2025 • 32min
Everything old is new again.
Eric Woodruff, Chief Identity Architect at Semperis and expert on identity risks, dives deep into the world of NoAuth abuse and full account takeovers. He reveals how certain apps' reliance on emails as identifiers creates significant vulnerabilities. Eric outlines the alarming findings, showing that 5–9% of tested applications are susceptible to attacks. He provides insights into how attackers exploit this trust to access accounts unnoticed, highlighting the crucial need for improved detection methods and better accountability among SaaS vendors.
