Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Book Hotel click HERE
Back To Schedule
Thursday, September 26 • 4:05pm - 4:50pm
Modern and Secure IAM for Modern Applications

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Modern applications include Mobile Applications, JS Single Page Applications, APIs, Microservices, etc and we need modern & secure Identity and Access Management solutions to protect them. Unfortunately, Authentication and Authorization related CWEs (Common Weakness and Enumerations) still result in many vulnerabilities in both traditional and modern applications. This eventually results in data breaches. Different studies related to data breaches (Verizon data breach report) clearly show attackers' interest in these vulnerabilities and how they are abusing this. This presentation is focused on a proactive solution to these problems. It's evident that attackers misuse the vulnerabilities in the IAM implementations. This can be secured by reducing the multiple weak IAM implementations and by utilizing centrally managed and more secure IAM solutions using the federation with the security principle of minimization attack surface area. This presentation will cover basic terminologies in IAM, different ways to implement IAM solutions, benefits of the Federation. Comparison between OIDC and SAML. Explanation of different OIDC flows (Authcode flow, Auth Code Flow with PKCE) for modern applications.

avatar for Vinod Anandan

Vinod Anandan

SVP of Application Security
Vinod is an SVP of Application Security, he is leading a team of DevSecOps engineers and architects to develop tools and services which will help to improve the security and developers' experience. Vinod spends most of the time helping open source projects and standards

Thursday September 26, 2019 4:05pm - 4:50pm CEST