We kicked off our very first DevSecCon Germany chapter with two “Stranger Danger” talks, targeted towards developers/DevOps who aren’t necessarily security experts but care about security and want to make sure that their applications remain this way.
Securing the front door: Know who you’ll let in with strong authentication
Signing into any application feels like a commodity nowadays. You just click on that “Sign in with Google” button and the app opens its doors for you. But there’s a lot more to it under the hood. This talk will walk you through the science behind the login box, from foundational protocols like OAuth2 and OpenID Connect to the works behind apps like Google Authenticator and other OTP providers and new trends like WebAuthn and device biometrics for logins. No prior Identity knowledge is required, but a basic understanding for development could help to follow the session.