March 13-15, 2019
Montreal, Canada

Securing your API - From basics to beyond

In this talk, i speak about some basics actions to secure your API. Keeping in mind that an API remains a web application, without html/javascript, i will do a demo of SQL injection and then quickly review the OWASP top 10 application security risks. From there i zoom on authentication doing a focus on oauth2/OpenID Connect. Stepping to API Management, i deep dive on some features that can help us to secure our APIs.

View all 156 sessions

Alexandre Faria

Decathlon

Software Engineer since 2005, i am currently working for Decathlon group.
As developer, i am more interested on the back side, especially on ReST APIs and authentication/security topics.
My last work were focused on API Management, Authorisation Server (oauth2/openid) specifications.
Sharing knowledge is what i prefer in my daily job.
Open source world is also a fascinating topic for me.

Read More