Security in the era of modern applications and services

Security is hard. Old days are over and it requires way more then providing login form, comparing password hash and maintaining HTTP session. With the raise of mobile and client side apps, (micro) services and APIs it has become a fairly complex topic. At the same time with security breaches hitting the news on the monthly basis it is everyone's concern. Being an area every developer or architect needs to understand very well. Thankfully a number of modern standards and solutions emerged to help with current challenges. During this talk you will learn how to approach typical security needs using modern token based security and standards like OAuth2, OpenID Connect or SAML. We’ll discuss wide variety of security related topics around multi factor authentication or identity federation and brokering . You will also learn how you can leverage modern open source identity and access management solutions in your applications.