SecAppDev 2022 Faculty
Philippe De Ryck
Web Security Expert, Pragmatic Web Security
Philippe De Ryck helps developers protect companies through better web security. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. As the founder of Pragmatic Web Security, Philippe delivers security training and security consulting to companies worldwide. His online course platform allows anyone to learn complex security topics at their own pace. Philippe is a Google Developer Expert and an Auth0 Ambassador for his community contributions on the security of web applications and APIs.
Getting API authorization right
Building secure APIs and microservices is hard, really hard. This workshop provides API developers with the necessary knowledge to assess and improve the security of their APIs. This workshop consists of a mixture of lectures, demos, interactive quizzes, and hands-on labs.
In this workshop, we explore common authorization failures in APIs and various defensive strategies, along with their trade-offs and pitfalls. We dive deep into API-specific topics, such as handling JSON Web Tokens (JWTs) and dealing with OAuth 2.0 access tokens. You will walk away with an actionable set of best practices.
Web and API security Thursday June 16, 09:00 - 17:00
Introduction to OAuth 2.0 and OpenID Connect
OAuth 2.0 and OIDC are confusing, which often results in confusion and implementation mistakes. In this session, we explore the purpose of these technologies and the current best practices of using them.
Identity and access management Monday June 13, 09:00 - 10:30