Webhooks are a pillar of modern application development. They notify us of that new commit, an incoming text message, our email was delivered, and a payment was processed. Our systems can’t function without webhooks sending data seamlessly and securely across the internet. But what happens if they’re not secure? What happens if your webhooks are intercepted, manipulated, or even replayed against your systems? What are the best ways - as both a provider and consumer - to protect our systems? In this session, we’ll delve into the 100+ implementations we explored to build webhooks.fyi to identify the best and worst patterns to protect our systems now and in the future.


Comments are closed.

Nate Finch at 11:52 on 17 May 2023

Great demo, HTTPS or death!

Really informative and a call to action for us as developers to make sure that we are securing ourselves as much as possible with the tools that are available.

Phil Konsor at 11:56 on 17 May 2023

Good talk, very informative and good learning opportunity!

I was expecting a little more evil, but instead Dr. Danger decided to give everyone useful information and a fun activity.

Andrew Easton at 11:58 on 17 May 2023

great demo and informative talk

Brian Parker at 12:14 on 17 May 2023

Danger's talks are great - strong energy, good pacing, relevant and not boring.

Gary Pedretty at 09:06 on 18 May 2023

Very good insight into a somewhat challenging process to control.

Kyle Schatzle at 09:24 on 18 May 2023

Very informative and energetic. Great points on a complex topic. Webhooks are just a different query language to your database.

Ryan Howe at 11:01 on 18 May 2023

Danger is always fun to watch. Got a lot of great information, and I’m excited to have the resources to research more

Danger gave an awesome presentation and demo. Walked away with some great information.

Brandon Worby at 15:32 on 18 May 2023

Great talk with lots of energy and interactive. Loved it.