OWASP Application Gateway: Introduction and Usage for Secure Web Applications

Explore the OWASP Application Gateway in this 24-minute conference talk by Gian-Luca Frei. Learn about this modern HTTP reverse proxy that handles OAuth2 login and session management, sitting between web applications and clients. Discover how it scales from small projects to enterprise-level applications, eliminating the need for developers to implement login logic in both backend and frontend. Delve into the security challenges of modern software systems and understand how the OWASP Application Gateway addresses them. Gain insights into customizing and extending the gateway to meet specific needs through a technical deep dive. The talk covers introduction, microservice architecture, authentication, advantages and disadvantages, demonstration, design principles, network stack, and usage models, providing a comprehensive overview of this OWASP Foundation project.

Introduction
Why Application Gateway
Team
Microservice Architecture
Authentication
Application Gateway
Advantages and disadvantages
Demo
How it works
Demonstration
Design Principles
Network Stack
Usage Models
Github