Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Web Security with Auth0

Mehul Patel
February 21, 2018

Web Security with Auth0

Auth0 provides authentication and authorization as a service. We are here to give developers and companies the building blocks they need in order to secure their applications, without having to become security experts.

Reference: Md Shahbaz Alam

Mehul Patel

February 21, 2018
Tweet

More Decks by Mehul Patel

Other Decks in Technology

Transcript

  1. • Exposing Sensitive Data • Broken Authentication • Security Misconfiguration

    • Injection Vulnerability Common Web Security Vulnerabilities
  2. What is Modern Identity ? • Authentication - The way

    you login • Authorization - Right access to Right People at Right Time • Security - Protecting data in motion and at rest • Personalization - Tailored user experience
  3. Authentication ➔ Traditional Username and Password ➔ Social login via

    Facebook,Twitter, Google , etc. ➔ Enterprise Federation and Single Sign On ➔ Passwordless
  4. Single Sign On • Most Common in Enterprise • Difficult

    to Implement • Solve Authorization use cases
  5. Authorization ➔ Ensure the user has the right access at

    the right time ➔ Grant, Change and Revoke access
  6. Multi Factor Authentication • Something you know, Something you have

    , Something you are Brute Force Protection • Prevent repeated failed login attempts • Alert user and validate identity Anomaly Detection • Proactively protect users • Alert user of suspicious activity • Breached password detection
  7. Personalization ➔ Give a personal touch to each user ➔

    Make Data work for you ➔ Enhanced Analytics
  8. Auth0 Identity as a Service • Modern Identity in 10

    minutes • Free Tier ( 7000 Monthly Active users ) • Team of Security Expert
  9. Auth0 • We are not solely a security company •

    We are not only an authentication or authorization company • We are an Identity Company • What we want to do ? • We wanna make it easier for our customers to manage their users • By providing them with a modern platform which handles their authorization and authentication pieces • So they don’t have to worry about :-)