Both GraphQL and template engines have the potential for injection attacks, from data exposure due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies to understand the similarities in what could go wrong, while also examining the differences in how each one influences modern application architectures. Visit https://www.securityweekly.com/asw for all the latest episodes!
How GraphQL & Template Injection Threats Influence App Architectures
Mike Benjamin – VP of Security Research at Fastly
Mike is focused on researching the latest attack methods to ensure Fastly’s technologies can provide customers with protections against these threats. Prior to Fastly, Mike was VP of Security at Lumen Technologies where he led security product engineering, operations, and the Black Lotus Labs threat intelligence team.
Mike’s key focus throughout his 25 years of service provider experience has been creating secure and scalable technology for his customers.
John Kinsella – Co-founder & CTO at Cysense
John Kinsella is the Co-founder & CTO of Cysense.
Mike Shema – Security Partner at Square
Mike Shema is a Security Partner at Square.