October 15-17 | Vancouver, British Columbia
View More Details  & Register Here
Back To Schedule
Thursday, October 17 • 11:30am - 12:00pm
Are You Properly Using JWTs? - Philippe Leothaud, 42Crunch

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
JSON Web tokens (JWTs) are used massively in API-based applications as access tokens or to transport information across services. Unfortunately, JWT are often mis-used and incorrectly handled. Massive data breaches have occurred in the last 18 months due to token leakage and lack of proper of validation.

This session focuses on best practices and real world examples of JWT usage, where we cover:

- Typical scenarios where using JWT is a good idea
- Typical scenarios where using JWT is a bad idea!
- Principles of Zero trust architecture and why you should always validate
- Best practices to thoroughly validate JWTs and potential vulnerabilities if you don’t.
- Use cases when encryption may be required for JWT


Philippe Leothaud

Chief Architect, 42Crunch
Philippe Leothaud has over 20 years of experience in Identity Management, application security and integration. After 8 years at BeeWare (now acquired by DenyAll) as CTO of a company focusing on Web Application Firewall, Web SSO and Web Access Management, and 6 years at Vordel (now... Read More →

Thursday October 17, 2019 11:30am - 12:00pm PDT
Junior Ballroom D
  Techniques, In Depth
  • Experience Level Any
  • Session Slides Included Yes