Session Cookie
Also known as: Authentication cookie, Session token
A session cookie is a token a website stores in the browser to keep a user logged in after authentication. Stolen session cookies are among the most valuable items in infostealer logs because they let attackers resume a session without a password or MFA.
What is a session cookie?
When a user logs in, the service issues a session cookie that the browser sends on subsequent requests to prove the user is still authenticated. It is effectively a temporary key to the account.
Why session cookies are a prime target
Because a valid session cookie represents an already-authenticated session, an attacker who steals and replays it is logged in as the victim — no password and no MFA required. This makes session cookies a headline item in stealer logs.
VantaPrism parses session cookies captured in stealer logs and flags exposed authenticated sessions so teams can force revocation before the cookies are replayed.
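The triage described above, sketched as an added example (this is not VantaPrism's code). It assumes the captured cookies are in the tab-separated Netscape cookie-file format; the name hints, function names and sample rows are constructed for illustration.

```python
import hashlib
import time

# Assumption: substrings that mark a cookie as session-bearing; tune per application.
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token")

def parse_netscape_cookies(text):
    """Parse tab-separated Netscape cookie-file rows (7 fields) into dicts."""
    cookies = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#HttpOnly_"):       # HttpOnly rows carry this prefix
            line = line[len("#HttpOnly_"):]
        elif not line or line.startswith("#"):  # blank line or comment
            continue
        fields = line.split("\t")
        if len(fields) != 7 or not fields[4].isdigit():
            continue                            # malformed or truncated row
        domain, _, path, secure, expiry, name, value = fields
        cookies.append({
            "domain": domain.lstrip(".").lower(), "path": path, "name": name,
            "secure": secure == "TRUE", "expires": int(expiry),
            # Keep a fingerprint, not the secret, so the report cannot be replayed.
            "fingerprint": hashlib.sha256(value.encode()).hexdigest()[:12],
        })
    return cookies

def flag_exposed_sessions(cookies, monitored_domains, now=None):
    """Return session-like cookies for monitored domains that have not expired."""
    now = int(time.time()) if now is None else now
    findings = []
    for c in cookies:
        in_scope = any(c["domain"] == d or c["domain"].endswith("." + d)
                       for d in monitored_domains)
        session_like = any(h in c["name"].lower() for h in SESSION_NAME_HINTS)
        # expires == 0 is a browser-session cookie with no client-side expiry.
        live = c["expires"] == 0 or c["expires"] > now
        if in_scope and session_like and live:
            findings.append(c)
    return findings

# Constructed rows (not real data): domain, subdomains, path, secure, expiry, name, value
SAMPLE = "\n".join([
    "# Netscape HTTP Cookie File",
    ".example.com\tTRUE\t/\tTRUE\t1900000000\tsessionid\tCONSTRUCTED-VALUE-1",
    "#HttpOnly_app.example.com\tFALSE\t/\tTRUE\t0\tauth_token\tCONSTRUCTED-VALUE-2",
    ".example.com\tTRUE\t/\tFALSE\t1500000000\tsessionid\tCONSTRUCTED-VALUE-3",
    ".example.com\tTRUE\t/\tFALSE\t1900000000\t_ga\tCONSTRUCTED-VALUE-4",
    ".notexample.com\tTRUE\t/\tTRUE\t1900000000\tsessionid\tCONSTRUCTED-VALUE-5",
    "truncated\trow",
])
```

The expiry field is only the browser's view; the server may still honour or have already ended the session, so each finding is a candidate for server-side revocation rather than proof of a live session.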
Frequently Asked Questions
Why are session cookies dangerous when stolen?
Related Terms
Cookie theft is the stealing of browser cookies — especially authenticated session cookies — so attackers can imperso…
Session hijacking is the takeover of an authenticated session by stealing and reusing its session token or cookie. Be…
MFA bypass is any technique that defeats multi-factor authentication so an attacker can access an account despite the…
A stealer log is the package of data exfiltrated from a single device by infostealer malware. It typically contains s…