Webhooks are a simple and powerful way for services to notify each other that something interesting has happened. So much so that it became the most popular mechanism for communicating events. While webhooks give us power and flexibility, they rely heavily on the listener to enforce security. In this session, we will learn the most common, interesting, and challenging patterns across 100+ webhook implementations, and learn some simple ways to make webhook security better (for providers and consumers).

Comments

Comments are closed.

Joanna Kus at 14:45 on 25 Apr 2024

Engaging speaker, really liked the audience participation with Postman requests. Learned a lot about webhooks.

Bobby Cahill at 14:46 on 25 Apr 2024

Great job! Thanks for the talk!

Great talk! Very engaging. Well presented with lots of examples. I also enjoyed the interactivity.

Scott explained all of the various secure mechanism very well. Made it easier to make an informed choice when implementing web hooks.

Cori Lint at 14:51 on 25 Apr 2024

A good refresher on webhooks in general, and I learned a lot about security strategies which I hadn’t even considered that I should be thinking about. Really good presentation skills! Thanks!

Great talk, good delivery, fun approach, thanks Scott!

This was a nice talk. Thank you for presenting

Tim Lytle at 12:51 on 26 Apr 2024

Great presentation presence, and a really good example of how to talk about an important topic adjacent to the company your represent, keeping everything relevant and useful.

And handling webhooks is something likely every developer could either improve, or can identify with the gaps Scott highlighted because of past code. The only thing that might make this better is to expand beyond security and talk about patterns to ensure that webhooks aren't missed, that actions that fail are retired, etc. A 'Guide to Handling Webhooks' perhaps.