The adoption of GraphQL APIs in production is increasing. Sure, you can declaratively fetch the data you need, but could over-fetching be dangerous? While teams use this query language to create fast, flexible APIs, they inadvertently expose their systems to new attack vectors in the process.
This session will cover the dos and don’ts of designing secure GraphQL APIs by highlighting case studies and the OWASP risks connected with them. The goal is to give you the tools you need to be proactive and plan for threats earlier in the API lifecycle. You’ll also learn about the challenges and security risks that GraphQL APIs face when compared to other popular API specifications and standards.