5 Web Security Considerations for GraphQL
Presented by Data Theorem Security Team
Learn about the importance of visibility and security for GraphQL.
GraphQL is a popular data query language that makes it easier to get data from a server to a client via an API call. It is commonly deployed as a piece of the technology stack for modern web and mobile applications. However, the complex nature of GraphQL makes it easier for hackers to exploit if embedded APIs and cloud resources are not secure. Learn about the right way to protect your AppSec stack that traditional approaches do not yet offer.
In this webinar, we’ll discuss the 5 most common GraphQL security vulnerabilities and how to leverage full stack security to overcome security gaps:
-
Inconsistent authorization checks (similar to REST Auth)
-
Failure to appropriately rate-limit
-
Introspection may help attackers
-
Introspection reveals non-public information
-
Cost of high depth queries