YoVDO

gRPC Security with Less Effort - NSEC2023

Offered By: NorthSec via YouTube

Tags

gRPC Courses Kubernetes Courses Microservices Courses Authorization Courses HTTP/2 Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore gRPC security challenges and solutions in this 31-minute conference talk from NorthSec. Delve into the expanded attack surface of gRPC/gRPC-web compared to traditional HTTP1.1 REST, focusing on applicative service misconfigurations. Examine new attack vectors arising from issues like HTTP2 downgrade and disabled reflection. Discover a comprehensive code configuration for securing generic gRPC services, featuring an automatically generated Kubernetes authentication service with an interceptor to an authorization engine. Learn how to simplify complex access delegation using open-source Ory engines. Gain insights into critical applicative issues related to currency, math, and conversions that demand attention in gRPC implementations.

Syllabus

NSEC2023 - gRPC security with less effort


Taught by

NorthSec

Related Courses

Authentication & Authorization: OAuth
Udacity
Rails with Active Record and Action Pack
Johns Hopkins University via Coursera
Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera
Web Application Development: Security
University of New Mexico via Coursera
Managing Identity
Microsoft via edX