Axon Technologies invites you to their event

NCL 06: OAuth 2.0 Security: Attacks and Countermeasures

About this event

Web and mobile app developers work with it heavily nowadays, and end users interact with it on a daily basis. This is the OAuth 2.0 protocol, or the Open Authorization Framework. Although it is a security protocol, it is so vague and flexible that it opens the door to many potential threats if not implemented tightly.

In this episode of "Navigating the Cyber Land" we will start with a general overview of what OAuth is and how it works. Then we will look at the bad practices that can leave an OAuth implementation vulnerable and open to exploitation. OAuth vulnerabilities can be categorized as either client-side or server-side.

Some of the vulnerabilities and attacks we will cover are:

  • CSRF attack against the client
  • Theft of Authorization Code
  • Theft of Access Token
  • Client Impersonation

We will also address the countermeasures, or solutions, to those vulnerabilities from both a development and a configuration point of view.

This session will be valuable for penetration testers assessing web/mobile applications as well as for developers and engineers implementing OAuth in their products and services.

Hosted by

  • Abed Samhuri, Cyber Institute Lead @ Axon Technologies

Axon Technologies

Your Cybersecurity Partner

Axon Technologies is a cybersecurity services company focused on protecting organizations of various sizes in this digitally connected world. Our mission is to help organizations predict, prevent, detect, respond to, and recover from cyber-attacks.