Back To Schedule
Tuesday, October 31 • 2:00pm - 2:50pm
[Virtual Exclusive] PRO Workshop (API): State of GraphQL Security 2023

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Antoine Carossio, Escape, Cofounder & CTO
Tristan Kalos, Escape, Co-founder & CEO

Join Escape's co-founders Tristan Kalos and Antoine Carossio, leaders in GraphQL Security Testing, for an incisive look at GraphQL vulnerabilities. This groundbreaking research, involving a scan of over 1500 GraphQL endpoints, revealed a staggering 46,000+ security issues and sensitive data leaks, all accessible without authentication and with 10% classified as critical.

In this session, Tristan and Antoine will share their unique testing methodology and delve into the most common GraphQL vulnerabilities unearthed during their research. They'll expose GraphQL-specific vulnerabilities, including complexity issues and schema leaks, alongside persistent standard API security threats like injections and server errors.

They'll also highlight the often-underestimated problem of data leaks, including sensitive personal information and tokens. But, they won't leave you in the trenches; they'll showcase practical remediation strategies, introducing tools like GraphQL Armor and a handy security checklist for developers.

This talk isn't just about raising alarms; it's about equipping you with the tools to secure your GraphQL applications. Leave with a newfound understanding of GraphQL's security landscape, a respect for its potential vulnerabilities, and a clear path to application safety. Don't miss this crucial session at the API:WORLD

avatar for Tristan Kalos

Tristan Kalos

Co-founder & CEO, Escape.tech
Tristan is the co-founder and CEO of Escape. Escape helps developers and security teams create more secure APIs using automated business logic API testing.Previously, Tristan worked as a researcher on Machine Learning applied to Source Code Analysis.
avatar for Antoine Carossio

Antoine Carossio

Cofounder & CTO, Escape.tech
Former pentester for the French Intelligence Services.Former Machine Learning Research @ Apple.

Tuesday October 31, 2023 2:00pm - 2:50pm PDT
VIRTUAL Microservices World -- Workshop Stage C https://app.hopin.com/events/api-world-2023-ai-devworld/sessions