OAuth 2.0 is at the heart of OpenID Connect, Mobile Connect, UMA and many other popular standards. Understanding the threat landscape of OAuth 2.0 is essential to building a secure identity infrastructure. This talk will guide you through multiple attacks that took place over the last couple of years, their root causes, and how to mitigate future security exploits by following best practices.
Learning Objectives:
1: Learn OAuth 2.0 fundamentals.
2: Understand what can go wrong with OAuth 2.0 implementation.
3: Explore security best practices and guidelines.
Speaker: Prabath Siriwardena
Prabath Siriwardena is the Senior Director of Security Architecture at WSO2 Inc and the founder of the Silicon Valley IAM meetup group. He is the author of the book Advanced API Security, published by Apress, and has authored three more books on Apache Maven and enterprise integration. Siriwardena is also a member of the Apache Axis PMC and has spoken at numerous international conferences, including OSCON, QCon, ApacheCon, WSO2Con, European Identity Conference, Cloud Identity Summit (CIS), Internet Identity Workshop (IIW), IDentity Next, API World, API Strat and OSDC. He has more than 13 years of industry experience and has worked with many Fortune 100 companies.