NCL 06: OAuth 2.0 Security: Attacks and Countermeasures скачать в хорошем качестве

NCL 06: OAuth 2.0 Security: Attacks and Countermeasures

Web and Mobile app developers work with it heavily nowadays, and end-users interact with it on a daily basis. This is the OAuth 2.0 protocol - or the Open Authorization Framework. Despite the fact that it is a security protocol, it is itself so vague and flexible that it opens the door to many potential threats if not implemented tightly. In this episode of "Navigating the Cyber Land", we will start with a general overview of what OAuth is and how it works. Then, we will look at the bad practices that can lead OAuth to potentially become vulnerable and get exploited. OAuth vulnerabilities can be categorized as either Client-Side or Server-Side. Some of the vulnerabilities and attacks we will cover are: CSRF attack against the client Theft of Authorization Code Theft of Access Token Client Impersonation We will also address the countermeasures or the solutions to those vulnerabilities from a development and configuration point of view. This session will be valuable for penetration testers assessing web/mobile applications as well as for developers and engineers implementing OAuth in their products and services. Axon Technologies, your cybersecurity partner! We are here to protect you! Learn more about us at: https://axontechnologies.com LinkedIn:   / axon-technologies-cyber-security   Twitter:   / axon_tech   Instagram:   / axontechnologies   Facebook:   / axontechnologies1