February 26-28, 2020
Montreal, Canada

How Hackers Attack GraphQL and What You Can Do About It

As GraphQL is set to overtake RESTful architectures. This newfound popularity also draws the attention of hackers. Well-known companies have suffered from critical vulnerabilities hidden within GraphQL endpoints. I will show you what GraphQL looks like from a hacker's perspective and walk you through typical attacks against this technology. We will wrap up by discussing ways developers can protect their API from these threats.

View all 156 sessions

Matthew Szymanski

Red Ventures

Matthew Szymanski is a Senior Security Engineer specializing in Offensive Application Pentesting. Passionate about AppSec, he leverages over a decade of experience as a programmer to discover and help remediate vulnerabilities. He has developed and taught secure coding workshops, mentored Jr Security Engineers and Developers as well as presented at Security Conferences.

Read More

Montreal 2020 sponsored by