How GraphQL & Template Injection Threats Influence App Architectures – Mike Benjamin – ASW #202
Both GraphQL and template engines have the potential for injection attacks, from potentially exposing data due to weak authorization in APIs to the slew of OGNL-related vulns in Java this past year. We take a look at both of these technologies in order to understand the similarities in what could go wrong, while also examining the differences in how each one influences modern application architectures.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Mike is focused on researching the latest attack methods to ensure Fastly’s technologies can provide customers with protections against these threats. Prior to Fastly, Mike was VP of Security at Lumen Technologies where he led security product engineering, operations, and the Black Lotus Labs threat intelligence team.
Mike’s key focus throughout his 25 years of service provider experience has been creating secure and scalable technology for his customers.