Why Your GraphQL APIs Are (Increasingly) Under Attack
Make no mistake about it: threat actors are increasingly bent on hunting down, attacking, and exploiting your GraphQL APIs. But understanding exactly how these actors go about recognizing where your GraphQL APIs reside—and how their attacks proceed—can put you on the right road to attack-thwarting countermeasures. GraphQL’s declarative query language enables clients to collect information using specialized queries. Threat actors commonly interrogate APIs in order to uncover critical information that could aid in further attacks. These information-gathering and reconnaissance tactics feed into the logic of their scanning tools to determine the location of GraphQL APIs—and what they contain. Session attendees will come away with thorough knowledge of how to detect and mitigate nefarious GraphQL activities, and how to implement a security layer to protect targeted GraphQL APIs and effectively block attacks. Attendees of this GraphQLConf talk will learn: -- The techniques attackers use to gather information on your GraphQL APIs -- The telltale anomalous behavior associated with that reconnaissance, and -- How to surface threats and block those attack paths before exploits occur.