Denied! Securing your Application with Better User Authorization

Brian Childress

ABSTRACT:


brian

Brian Childress

As our applications grow in complexity, application security needs to change to keep pace. Using real-world examples we will explore new implementations for front-end user authorization and authentication best practices. We’ll go beyond the basics of determining if a user is logged in, and discuss using JSON Web Tokens (JWT) for authentication. By examining security vulnerabilities lurking in most web applications we will demonstrate strategies to implement new security patterns using today’s hottest JavaScript frameworks (Angular, React, Vue). You’ll find unique ways to differentiate users by roles or security groups, changing the user experience. We’ll discuss ways to control a user’s access down to a single data point by moving our authorization model to the component level.

Key areas we’ll cover: – JSON Web Token (JWT) best practices – Route and Component level authorization – Role based user access – Vulnerabilities in modern web apps

TIME:

Tuesday, October 9th, 2018, 12:00 PM – 1:00 PM (EST). Talks at noon, every second Tuesday of the month.

DETAILS:

If you would like to join us, you can watch our YouTube live stream. We also love office guests! If you want to watch the talk in person with us and hang out with the Unboxed team, shoot us an email at devtalks@unboxedtechnology.com.