Exploiting nOAuth - Critical OpenID Connect Implementation Flaws in SaaS Applications
fwd:cloudsec via YouTube
Overview
Explore the persistent security threat of nOAuth attacks in this 49-minute conference talk that builds upon Descope's 2023 research on critical OpenID Connect implementation flaws. Discover how this vulnerability enables user account takeover in SaaS applications and learn why it remains an active threat despite Microsoft's disclosure efforts. Examine new research findings that identify additional implementation flaw patterns and methods for staging nOAuth abuse, while understanding the process of uncovering vulnerable applications and analyzing varying developer responses. Gain practical insights into real-world exploitation examples and develop actionable strategies to mitigate this critical risk in modern SaaS environments. Learn from expert analysis of common anti-patterns in OpenID Connect implementations and understand what these ongoing vulnerabilities mean for securing contemporary cloud applications.
Syllabus
Defenders hate it! Compromise vulnerable SaaS applications with this one weird trick
Taught by
fwd:cloudsec