

GraphQL’s capability to fetch precisely what’s needed and nothing more, its efficient handling of real-time data, and its ease of integration with modern architectures make it a compelling choice for modern web and mobile applications. As developers seek more efficiency and better performance from their applications, GraphQL is increasingly becoming the go-to technology for API development. However, building and maintaining GraphQL applications requires careful consideration of security. In this interactive workshop, developers and security engineers will strengthen their GraphQL security skills by learning key techniques such as complexity management, batching, aliasing, sanitization, and depth limit enforcement. They will also learn to implement customizable middleware, like GraphQL Armor, for various GraphQL server engines. Through hands-on exercises, participants will explore these techniques and packages, and apply them to enhance the safety of their GraphQL applications. By the end of the workshop, attendees will be equipped with practical knowledge to build secure and efficient GraphQL APIs.