Top 10 GraphQL Security Checks for Every Developer - Ankita Gupta, Ankush Jain - Akto.io (YouTube video description)
Why implement GraphQL security? We will set the stage by introducing some examples of critical GraphQL vulnerabilities found in popular software:
- CVE-2021-41248: This vulnerability in GraphiQL, a GraphQL IDE, relates to schema introspection responses that could lead to XSS attacks.
- CVE-2023-38503: In Directus, a real-time API and dashboard for managing SQL databases, there was a vulnerability in GraphQL subscriptions where permission filters were not properly checked, leading to unauthorized event notifications.
- CVE-2023-34047: A vulnerability in Spring for GraphQL where a batch loader function could be exposed to a GraphQL context carrying security context values from a different session, potentially leading to unauthorized access or information disclosure.

Top 10 GraphQL Security Checks:
- #1 Disable Introspection in Production
- #2 Robust Authentication
- #3 Limit Query Depths
- #4 Rate Limiting
- #5 Input Validation
- #6 Secure Direct Object References
- #7 Error Handling
- #8 Query Complexity Analysis
- #9 Mass Assignment Checks
- #10 Excessive Data Exposure

How to automate GraphQL security? We will talk about automating the 10 security checks in code and CI/CD.

GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools. Get Started Here: https://graphql.org/
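The list above names the checks without showing what one looks like in code. The following Python is an added example, not code from the talk or from Akto.io: a pre-execution linter that applies checks #1, #3 and #8 to the raw query text before it reaches the executor (introspection rejected in production, a ceiling on nested selection depth, and a field-count ceiling as a simple complexity metric). The sample queries, the limits and the function names are constructed for illustration; the walker does not expand named fragment spreads, and a real server would enforce the same rules through its GraphQL library's validation hooks rather than a hand-written tokenizer.

```python
import re

# Added example: pre-execution linting for GraphQL checks #1 (introspection off in
# production), #3 (query depth limit) and #8 (query complexity, approximated here by
# the number of selected fields). Works on raw query text with no GraphQL library.

NAME_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
TOKEN_RE = re.compile(r"\.\.\.|[A-Za-z_][A-Za-z0-9_]*|\S")
INTROSPECTION_RE = re.compile(r"\b__(schema|type)\b")  # __typename stays allowed


def strip_strings_and_comments(query: str) -> str:
    """Blank out string literals and # comments so braces inside them are not counted."""
    out, i, n = [], 0, len(query)
    while i < n:
        c = query[i]
        if c == '"':
            if query.startswith('"""', i):            # block string
                j = query.find('"""', i + 3)
                j = n if j == -1 else j + 3
            else:                                     # plain string with \ escapes
                j = i + 1
                while j < n and query[j] != '"':
                    j += 2 if query[j] == "\\" else 1
                j = min(j + 1, n)
            out.append(" " * (j - i))
            i = j
        elif c == "#":
            j = query.find("\n", i)
            j = n if j == -1 else j
            out.append(" " * (j - i))
            i = j
        else:
            out.append(c)
            i += 1
    return "".join(out)


def measure(query: str) -> tuple[int, int]:
    """Return (max_depth, field_count): depth of nested selection sets and number of
    field selections. Inline fragments are walked; named fragment spreads are not
    expanded (a full validator resolves them before measuring)."""
    depth = max_depth = paren = fields = 0
    pending = None  # a name that follows '...', '@' or ':' is not a new field
    for tok in TOKEN_RE.findall(strip_strings_and_comments(query)):
        if tok == "(":
            paren += 1
            continue
        if tok == ")":
            paren -= 1
            continue
        if paren:
            continue  # argument lists and variable definitions hold no selections
        if tok == "{":
            depth += 1
            max_depth = max(max_depth, depth)
            pending = None
        elif tok == "}":
            depth -= 1
            pending = None
        elif tok in ("...", "@", ":"):
            pending = tok
        elif NAME_RE.fullmatch(tok):
            if pending == "..." and tok == "on":
                pending = "on"          # the type condition name follows
            elif pending:
                pending = None          # fragment name, directive name, aliased field or type condition
            elif depth:
                fields += 1             # a bare name inside a selection set is a field
        else:
            pending = None
    return max_depth, fields


def check_query(query: str, *, max_depth: int = 5, max_fields: int = 100,
                production: bool = True) -> list[str]:
    """Return the list of violated checks; an empty list means the query may run."""
    problems = []
    if production and INTROSPECTION_RE.search(strip_strings_and_comments(query)):
        problems.append("check #1: introspection (__schema/__type) is disabled in production")
    depth, fields = measure(query)
    if depth > max_depth:
        problems.append(f"check #3: query depth {depth} exceeds limit {max_depth}")
    if fields > max_fields:
        problems.append(f"check #8: {fields} selected fields exceed limit {max_fields}")
    return problems


# Constructed sample queries (not from the talk).
SAFE_QUERY = """
query GetUser($id: ID!) {
  user(id: $id) {
    id
    name
    posts(first: 10) { title }
  }
}
"""
DEEP_QUERY = "{ user { friends { friends { friends { friends { friends { id } } } } } } }"
INTROSPECTION_QUERY = "{ __schema { types { name } } }"

if __name__ == "__main__":
    for label, q in [("safe", SAFE_QUERY), ("deep", DEEP_QUERY), ("introspection", INTROSPECTION_QUERY)]:
        print(label, measure(q), check_query(q) or "ok")
```

Depth here counts every selection set including the operation's own braces, so `{ a { b } }` has depth 2; pick the limit against your schema's deepest legitimate query rather than a round number. Counting fields is only the first rung of complexity analysis: a fuller version weights list fields by their `first`/`limit` argument, which is where the real cost of a nested `friends { friends }` shape comes from.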