In today’s evolving threat landscape, robust web security practices are paramount to safeguarding applications and user data. This talk delves into modern approaches to web security, with a spotlight on stateless CSRF (Cross-Site Request Forgery) protection. Drawing from recent advancements in Symfony, we’ll explore how to secure web applications without relying on traditional session storage.