OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication – Aaron Parecki – ASW #289
1. OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication – Aaron Parecki – ASW #289
OAuth 2.0 is more than just a single spec, and it's used to protect more than just APIs. We talk about the challenges of maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always interoperable.
Guest
Aaron Parecki is an Identity Standards Architect at Okta with over 15 years of experience in the industry. He is active in multiple standards development organizations (SDOs), including IETF, OpenID Foundation, and W3C. He is the editor of OAuth 2.1 along with several other OAuth specifications, and co-chairs the SCIM working group at IETF. He has taught the fundamentals of OAuth and online security to thousands of developers worldwide through his book OAuth 2.0 Simplified as well as video courses and live online trainings.
2. Shared Responsibility Models, AI in Offensive Security, Apple’s Private Cloud Compute – ASW #289
Thoughts on shared responsibility models after the Snowflake credential attacks, looking at AI's current and future role in offensive security, secure by design lessons from Apple's Private Cloud Compute, and more!
1. No Snow, No Flakes: Pondering Cloud Security Shared Responsibility, Again! | by Anton Chuvakin
2. Using AI for Offensive Security | CSA
3. Challenges in Red Teaming AI Systems | Anthropic
4. Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models
5. Private Cloud Compute: A new frontier for AI privacy in the cloud – Apple Security Research
6. ThinkstScapes Research Roundup – Q1 – 2024
Here's the PDF.