Joel Lord!
Javascript Junkie
Bio!
Joel Lord is passionate about web and technology in general. He likes to learn new things but most of all, he likes to share his discoveries. He does so by travelling at various conferences all across the globe.
He graduated from college in computer programming in the last millennium. Apart for a little break to get his BSc in computational astrophysics, he was always in the industry.
As a technical evangelist with Auth0, he meets with developers to help them make the web a safer place.
During his free time, he is usually found stargazing in a camping site somewhere or brewing a batch of beer in his garage.
Session!
Hacking JWTs
So you’ve finally implemented your own authorization server. And it uses JWT because everyone else does. But is it secure? JWTs are the new great thing that everyone is talking about but you need to use them correctly. During this talk, we will see how we can use various attacks to hack into OAuth systems that use JWTs as a token mechanism. By seeing the attackers’ point of view, the attendees will learn how to better defend themselves and make more secure servers.
Where/When?