Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Thursday, September 26 • 4:05pm - 4:50pm
Modern and Secure IAM for Modern Applications

Modern applications include mobile applications, JS single-page applications, APIs, microservices, etc., and we need modern and secure Identity and Access Management (IAM) solutions to protect them. Unfortunately, authentication- and authorization-related CWEs (Common Weakness Enumeration entries) still result in many vulnerabilities in both traditional and modern applications, and these eventually result in data breaches. Studies of data breaches (Verizon data breach report) clearly show attackers' interest in these vulnerabilities and how they abuse them. This presentation focuses on a proactive solution to these problems. It is evident that attackers misuse vulnerabilities in IAM implementations. This can be addressed by reducing the number of weak IAM implementations and by using centrally managed, more secure IAM solutions through federation, following the security principle of minimizing attack surface area. This presentation will cover basic IAM terminology, different ways to implement IAM solutions, the benefits of federation, a comparison between OIDC and SAML, and an explanation of different OIDC flows (Auth Code flow, Auth Code flow with PKCE) for modern applications.

Vinod Anandan

Vinod is an application security engineer. He started his career as a developer and decided to be part of securing software. He is an OWASP volunteer, member and project lead. He loves open-source software and standards and he believes in collaboration and teamwork when it comes...

Thursday September 26, 2019 4:05pm - 4:50pm CEST