OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Pa... - ASW

Sdílet
Vložit
  • čas přidán 24. 06. 2024
  • OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable.
    Segment Resources:
    - oauth.net/2.1
    - oauth.net/specs/
    - oauth2simplified.com/
    - oauth.net/2/dpop/
    - oauth.net/2/oauth-best-practice/
    - oauth.net/fapi/
    - developer.mozilla.org/en-US/d...
    Visit www.securityweekly.com/asw for all the latest episodes!
    Show Notes: securityweekly.com/asw-289
  • Věda a technologie

Komentáře •

Další v pořadí
Automatické přehrávání
Introduction to OAuth 2.0 and OpenID Connect By Philippe De Ryck2:43:46Introduction to OAuth 2.0 and OpenID Connect By Philippe De Ryck
Introduction to OAuth 2.0 and OpenID Connect By Philippe De RyckDevoxx
zhlédnutí 13K
Do We Need Penetration Testing and Vulnerability Scanning? - Adrian Sanabria, Josh Bre... - PSW #8331:00:55Do We Need Penetration Testing and Vulnerability Scanning? - Adrian Sanabria, Josh Bre... - PSW #833
Do We Need Penetration Testing and Vulnerability Scanning? - Adrian Sanabria, Josh Bre... - PSW #833Security Weekly - A CRA Resource
zhlédnutí 492
Migrating from Postgres to SQLite with Kent C. Dodds57:02Migrating from Postgres to SQLite with Kent C. Dodds
Migrating from Postgres to SQLite with Kent C. DoddsAaron Francis
zhlédnutí 7K
Na koncertě v Praze jsme se s vámi rozdělily o Kubíky Waterrr Cool😍 V tom vedru dobrý nápad, ne?😁00:42Na koncertě v Praze jsme se s vámi rozdělily o Kubíky Waterrr Cool😍 V tom vedru dobrý nápad, ne?😁
Na koncertě v Praze jsme se s vámi rozdělily o Kubíky Waterrr Cool😍 V tom vedru dobrý nápad, ne?😁Lollipopz
zhlédnutí 173K
My little bro is funny😁 @artur-boy00:18My little bro is funny😁 @artur-boy
My little bro is funny😁 @artur-boyAndrey Grechka
zhlédnutí 12M
Mbappe 200 IQ Moments 🤯00:25Mbappe 200 IQ Moments 🤯
Mbappe 200 IQ Moments 🤯LE FOOT EN VIDÉO
zhlédnutí 5M
Attack a Terezka jdou na rande… TENIS00:24Attack a Terezka jdou na rande… TENIS
Attack a Terezka jdou na rande… TENISAttackShorts
zhlédnutí 58K
OAuth 2.0 and OpenID Connect (in plain English)1:02:17OAuth 2.0 and OpenID Connect (in plain English)
OAuth 2.0 and OpenID Connect (in plain English)OktaDev
zhlédnutí 1,7M
Easiest way to build LLM apps - Langflow 1.0 demo and deep dive!1:00:51Easiest way to build LLM apps - Langflow 1.0 demo and deep dive!
Easiest way to build LLM apps - Langflow 1.0 demo and deep dive!Langflow
zhlédnutí 1,1K
Top 12 Tips For API Security9:47Top 12 Tips For API Security
Top 12 Tips For API SecurityByteByteGo
zhlédnutí 76K
An Illustrated Guide to OAuth and OpenID Connect16:36An Illustrated Guide to OAuth and OpenID Connect
An Illustrated Guide to OAuth and OpenID ConnectOktaDev
zhlédnutí 560K
Shifting Cybersecurity Philosophy from Threat-Centric to Compromise-Centric - Martin R... - ESW #36642:32Shifting Cybersecurity Philosophy from Threat-Centric to Compromise-Centric - Martin R... - ESW #366
Shifting Cybersecurity Philosophy from Threat-Centric to Compromise-Centric - Martin R... - ESW #366Security Weekly - A CRA Resource
zhlédnutí 80
Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - T... - ESW Vault58:33Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - T... - ESW Vault
Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - T... - ESW VaultSecurity Weekly - A CRA Resource
zhlédnutí 68
CISOs Advising Cybersecurity Companies, Get on Board! - Bob West - CSP #18028:16CISOs Advising Cybersecurity Companies, Get on Board! - Bob West - CSP #180
CISOs Advising Cybersecurity Companies, Get on Board! - Bob West - CSP #180Security Weekly - A CRA Resource
zhlédnutí 95
API Key Authentication Best Practices25:56API Key Authentication Best Practices
API Key Authentication Best PracticesZuplo
zhlédnutí 22K
SAML vs OAuth vs OIDC (explained simply!)20:32SAML vs OAuth vs OIDC (explained simply!)
SAML vs OAuth vs OIDC (explained simply!)Ubisecure
zhlédnutí 54K
Smart appliances - new gadgets, versatile utensils, tool items #gadgets #shorts00:12Smart appliances - new gadgets, versatile utensils, tool items #gadgets #shorts
Smart appliances - new gadgets, versatile utensils, tool items #gadgets #shortsbusiness Us
zhlédnutí 7M
Lenovo Legion Gaming #PC won't stop beeping! (RAM fix and dust cleaning) #tech #technology #shorts01:00Lenovo Legion Gaming #PC won't stop beeping! (RAM fix and dust cleaning) #tech #technology #shorts
Lenovo Legion Gaming #PC won't stop beeping! (RAM fix and dust cleaning) #tech #technology #shortsSalem Techsperts
zhlédnutí 4,4M
socket cleaning iphone 13 #Fixit00:40socket cleaning iphone 13 #Fixit
socket cleaning iphone 13 #FixitTamar DB (mt)
zhlédnutí 2,6M
Simple maintenance. #leddisplay #ledscreen #ledwall #ledmodule #ledinstallation00:19Simple maintenance. #leddisplay #ledscreen #ledwall #ledmodule #ledinstallation
Simple maintenance. #leddisplay #ledscreen #ledwall #ledmodule #ledinstallation LED Screen Factory-EagerLED
zhlédnutí 10M
Would you gift it to your bestie 💞🥰 #miniphone #smartphone #iphone #samsung #fyp00:13Would you gift it to your bestie 💞🥰 #miniphone #smartphone #iphone #samsung #fyp
Would you gift it to your bestie 💞🥰 #miniphone #smartphone #iphone #samsung #fypPockify™
zhlédnutí 2,2M
Using Your phone in the Rain 💀.00:14Using Your phone in the Rain 💀.
Using Your phone in the Rain 💀.Speed McQueen
zhlédnutí 1,3M
Урна с айфонами!00:30Урна с айфонами!
Урна с айфонами!По ту сторону Гугла
zhlédnutí 8M
Čo znamená AI notebook? (ASUS Vivobook S 15)15:40Čo znamená AI notebook? (ASUS Vivobook S 15)
Čo znamená AI notebook? (ASUS Vivobook S 15)Duklock
zhlédnutí 86K