Don’t Lose Sleep - Secure Your REST

Adam Englander

Thursday 16 February 2017 from 14:40 to 15:40

Talk in English - UK at PHP UK Conference 2017
View Slides: http://www.slideshare.net/AdamEnglander/php-uk-2017-dont-lose-sleep-secure-your-rest
View Slides: https://Google.com
Short URL: https://joind.in/talk/9289d (QR-Code (opens in new window))

Avg. Rating

Are you worried that your REST API may be the next victim of an attack by ruthless hackers? Don't fret. Utilizing the same standards implemented by OAuth 2.0 and OpenID Connect, you can secure your REST API. Open and proven standards are the best ways to secure your REST APIs for now and well into the future. JSON Object Signing and Encryption (JOSE) is the core of a truly secure standards based REST API. In this talk, you will learn how to use the components of JOSE to secure your REAST API for now and the future.

Comments

Comments are closed.

Nick Barham at 15:35 on 16 Feb 2017

Good talk about the benefits of using JOSE, but sad that there wasnt much information or any examples about how to start using it for yourself (using existing libraries etc)

Liam Wiltshire at 16:55 on 16 Feb 2017

A strong talk, a lot of really useful information that I need to look into. Quite a lot of information being thrown around if you've had no prior experience, but a well delivered talk.

Mark Kathmann at 10:13 on 17 Feb 2017

A good talk on an interesting subject, well delivered by an engaging speaker. Would have liked some more practical DIY/get started examples.

Tomas Kmieliauskas at 10:29 on 17 Feb 2017

Was rather easy to follow having some security/crypto background knowledge (not as easy without it), some more practical/usage examples would've been nice

Chris Sherry at 09:52 on 18 Feb 2017

I don't have any experience with JOSE, and went to this talk to learn more about them. Adam had a really nice speaking style and delivered some interesting information around the subject.

I now know what these things are which is a great start and I can read further into this, but I don't feel I actually know how to use the components to achieve a more secure API as the abstract suggested.

Perhaps this was a little too advanced for me personally - I'm sure there were others in the room that took more away from it as I heard some positive conversations after the talk.

Mattias Wirf at 22:54 on 18 Feb 2017

Well delivered. However, I'm sure those with previous knowledge followed along, but it was hard for me to keep up - thats a lot of abbreviations flying by ;) Some more examples/context may have helped me.