I am talking about API security at NDC Security 2025. Using real-world cases, we discuss a couple of do's and don'ts that can help you secure your APIs. You can grab a copy of the slides here: https://buff.ly/46TtghZ #appsec #infosec
Breaking and securing OAuth 2.0 in frontends

Discover the underestimated threat of Cross-Site Scripting (XSS) in OAuth 2.0 Single Page Applications. Learn about hacks on frontend OAuth clients and explore solutions like the Backend-for-Frontend pattern, ensuring secure implementations of OAuth 2.0.

Pragmatic Web Security
@PhilippeDeRyck thank you for publishing the slides!
I noticed that NDC Security 2025 talks are on YouTube, but this talk appears to be missing.
Will it be published later or was it not recorded?
Thank you for all your work on OAuth Security and your great talks!

@herbert77 The talks are only released in small batches, but my session has been published in the meantime: https://www.youtube.com/watch?v=S5HV1iPhbT4&list=PL03Lrmd9CiGe5SlwogmMU3NKwFtKCxRSa&index=24

Hope you enjoy the talk!

Breaking and securing OAuth 2.0 in frontends at NDC Security - Philippe De Ryck - NDC Security 2025

YouTube