The Hacker's Guide to JWT Security
Back-end • November 2020
Language: English
Level: Intermediate
Length: 30 minutes
Type: online conference
About

JSON Web Token (JWT) is an open standard for creating tokens that assert some number of claims, such as a logged-in user and his/her roles. It is widely used as a stateless authentication mechanism.

This talk guides you through various security risks of JWT, including vulnerabilities in algorithms and libraries, token cracking, token sidejacking, and more. In live demos, you’ll learn how to hijack a user account by exploiting common security vulnerabilities. You’ll also find out about common mistakes and vulnerabilities, along with the best practices related to the implementation of JWT authentication.

About speaker
Patrycja Wegrzynowicz
CTO, Yon Labs
Patrycja Wegrzynowicz is a software visionary and expert specializing in automated software engineering, security, and Java technologies. She is the founder and CTO of Yon Labs, a start-up focused on automated detection and refactoring of software defects, including security vulnerabilities, performance and concurrency anti-patterns, and database issues. Patrycja is a regular speaker at major academic and industrial conferences, including CodeOne/JavaOne, Devoxx, JavaZone, OOPSLA, ASE, and others. She was named one of the Top 10 Women in Tech in Poland 2016.