Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Web Security with Auth0

Mehul Patel
February 21, 2018
Technology
0
110

Web Security with Auth0

Auth0 provides authentication and authorization as a service. We are here to give developers and companies the building blocks they need in order to secure their applications, without having to become security experts.

Reference: Md Shahbaz Alam

Mehul Patel

February 21, 2018
Tweet

More Decks by Mehul Patel

See All by Mehul Patel
Git-crypt: A tool to Secure your Secrets
rowdymehul
0
140
First look - Containers & Docker
rowdymehul
0
78
Hackference India 2018 | Modern Identity
rowdymehul
0
92
Rust Techie-talks at gnuNify 2018
rowdymehul
2
610
Know your Identity with Auth0
rowdymehul
1
88
Why is Privacy Important?
rowdymehul
0
99
Let's play with Rust - BITS Pilani, Goa
rowdymehul
1
160
Let's play with Rust - GIRLSCRIPT SUMMIT 2017
rowdymehul
2
390
Linux is my bae! Best to Learn & Grow.
rowdymehul
0
47

Other Decks in Technology

See All in Technology
長期間TiDBを使ってきた話 @ 私たちはなぜNewSQLを使うのかTiDB選定5社が語る選定理由と活用LT / Experiences with TiDB Over Time
chibiegg
2
750
「共通基盤」を超えよ! 今、Platform Engineeringに取り組むべき理由
jacopen
25
5.9k
Tebiki株式会社 エンジニア採用資料
tebiki
0
4.1k
Janus
bkuhlmann
1
490
Microsoft Cloudで 開発ライフサイクルを保護する
kkamegawa
0
150
マルチアカウント環境への発見的統制の導入
ch1aki
1
1.3k
[PlatformCon 24] Platform Orchestrators: The Missing Middle of Internal Developer Platforms?
danielbryantuk
1
190
SPI原点回帰論:事業課題とFour Keysの結節点を見出す実践的ソフトウェアプロセス改善 / DevOpsDays Tokyo 2024
visional_engineering_and_design
4
1.6k
テストプロセスで大事にしていること #jasstnano
makky_tyuyan
0
140
複雑な構成要素を持つUIとの向き合い方 〜新・支出グラフでの実例〜 / B43 TECH TALK
nakamuuu
0
110
Data and AI Governance: Existing Challenges and Emerging Trends
scotthsieh825
0
170
アプリがつくるNOT A HOTELブランド
hokuts
1
450

Featured

See All Featured
It's Worth the Effort
3n
180
27k
4 Signs Your Business is Dying
shpigford
175
21k
Building Better People: How to give real-time feedback that sticks.
wjessup
354
18k
Rails Girls Zürich Keynote
gr2m
91
13k
Robots, Beer and Maslow
schacon
PRO
155
7.9k
Product Roadmaps are Hard
iamctodd
43
9.7k
Building an army of robots
kneath
300
41k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
18
1.7k
Building a Scalable Design System with Sketch
lauravandoore
455
32k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
154
14k
What's new in Ruby 2.0
geeforr
337
31k
Thoughts on Productivity
jonyablonski
57
3.8k

Transcript

  1. Mehul Patel Web Security with Auth0

  2. Mehul Patel Auth0 Ambassador, Auth0 Inc Twitter : @rowdymehul [email protected]

    About Me

  3. • Exposing Sensitive Data • Broken Authentication • Security Misconfiguration

    • Injection Vulnerability Common Web Security Vulnerabilities

  4. The new way to solve Identity

  5. What is Identity ?

  6. What is Identity ? Authentication of an individual

  7. What is Modern Identity ? • Authentication - The way

    you login • Authorization - Right access to Right People at Right Time • Security - Protecting data in motion and at rest • Personalization - Tailored user experience

  8. Authentication ➔ Traditional Username and Password ➔ Social login via

    Facebook,Twitter, Google , etc. ➔ Enterprise Federation and Single Sign On ➔ Passwordless

  9. Traditional Username and Password • Most Common • Easy to

    Implement • Least Secure

  10. Social Login • Common • Medium Difficulty • More secure

  11. Single Sign On • Most Common in Enterprise • Difficult

    to Implement • Solve Authorization use cases

  12. Passwordless • Rare / Upcoming • Easy to Implement •

    Very secure

  13. Authorization ➔ Ensure the user has the right access at

    the right time ➔ Grant, Change and Revoke access

  14. Security Biggest concern for our valuable data

  15. Password • Complexity • Storage • Security

  16. Multi Factor Authentication • Something you know, Something you have

    , Something you are Brute Force Protection • Prevent repeated failed login attempts • Alert user and validate identity Anomaly Detection • Proactively protect users • Alert user of suspicious activity • Breached password detection

  17. Personalization ➔ Give a personal touch to each user ➔

    Make Data work for you ➔ Enhanced Analytics

  18. Why Modern Identity ? 3 Big Reasons

  19. 1. Higher Conversion Rates

  20. 2. Better User Experience

  21. 3. Increased Revenue

  22. Auth0 Identity as a Service • Modern Identity in 10

    minutes • Free Tier ( 7000 Monthly Active users ) • Team of Security Expert

  23. Auth0 • We are not solely a security company •

    We are not only an authentication or authorization company • We are an Identity Company • What we want to do ? • We wanna make it easier for our customers to manage their users • By providing them with a modern platform which handles their authorization and authentication pieces • So they don’t have to worry about :-)

  24. Visit auth0.com

  25. None
  26. None
  27. None
  28. None
  29. None

  30. Explore...

  31. Questions ? Available on Telegram & Twitter : @rowdymehul