This is both fantastic discussion of the ability to quickly check for vulnerabilities in ways never possible at scale before and also discussion of a little-known vulnerability that even the security experts were not aware of. The security guys at Imperva Incapsula just wrote up how they protect their system against this here (https://www.incapsula.com/blog/http-host-header-fix.html) – and in their tests, the only vulnerability they found was their own tests. But they wouldn’t have done it until the BlackHat presentation.