December 9 - 10, 2021
GraphQL Galaxy
Online

GraphQL Galaxy 2021

The biggest GraphQL conference in the cloud



This edition of the event has finished, the latest updates of this Tech Conference are available on the Brand Website.
From GraphQL Zero to GraphQL Hero with RedwoodJS
32 min
From GraphQL Zero to GraphQL Hero with RedwoodJS
Top Content
Tom Pressenwurter introduces Redwood.js, a full stack app framework for building GraphQL APIs easily and maintainably. He demonstrates a Redwood.js application with a React-based front end and a Node.js API. Redwood.js offers a simplified folder structure and schema for organizing the application. It provides easy data manipulation and CRUD operations through GraphQL functions. Redwood.js allows for easy implementation of new queries and directives, including authentication and limiting access to data. It is a stable and production-ready framework that integrates well with other front-end technologies.
Build with SvelteKit and GraphQL
140 min
Build with SvelteKit and GraphQL
Top Content
WorkshopFree
Scott Spence
Scott Spence
Have you ever thought about building something that doesn't require a lot of boilerplate with a tiny bundle size? In this workshop, Scott Spence will go from hello world to covering routing and using endpoints in SvelteKit. You'll set up a backend GraphQL API then use GraphQL queries with SvelteKit to display the GraphQL API data. You'll build a fast secure project that uses SvelteKit's features, then deploy it as a fully static site. This course is for the Svelte curious who haven't had extensive experience with SvelteKit and want a deeper understanding of how to use it in practical applications.

Table of contents:
- Kick-off and Svelte introduction
- Initialise frontend project
- Tour of the SvelteKit skeleton project
- Configure backend project
- Query Data with GraphQL
- Fetching data to the frontend with GraphQL
- Styling
- Svelte directives
- Routing in SvelteKit
- Endpoints in SvelteKit
- Deploying to Netlify
- Navigation
- Mutations in GraphCMS
- Sending GraphQL Mutations via SvelteKit
- Q&A
Batteries Included Reimagined - The Revival of GraphQL Yoga
33 min
Batteries Included Reimagined - The Revival of GraphQL Yoga
Envelope is a powerful GraphQL plugin system that simplifies server development and allows for powerful plugin integration. It provides conformity for large corporations with multiple GraphQL servers and can be used with various frameworks. Envelope acts as the Babel of GraphQL, allowing the use of non-spec features. The Guild offers GraphQL Hive, a service similar to Apollo Studio, and encourages collaboration with other frameworks and languages.
Adopting GraphQL in an Enterprise
32 min
Adopting GraphQL in an Enterprise
Today's Talk is about adopting GraphQL in an enterprise. It discusses the challenges of using REST APIs and the benefits of GraphQL. The Talk explores different approaches to adopting GraphQL, including coexistence with REST APIs. It emphasizes the power of GraphQL and provides tips for successful adoption. Overall, the Talk highlights the advantages of GraphQL in terms of efficiency, collaboration, and control over APIs.
Building GraphQL APIs on top of Ethereum with The Graph
48 min
Building GraphQL APIs on top of Ethereum with The Graph
WorkshopFree
Nader Dabit
Nader Dabit
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, and other blockchains. Anyone can build and publish open APIs, called subgraphs, making data easily accessible.

In this workshop you’ll learn how to build a subgraph that indexes NFT blockchain data from the Foundation smart contract. We’ll deploy the API, and learn how to perform queries to retrieve data using various types of data access patterns, implementing filters and sorting.

By the end of the workshop, you should understand how to build and deploy performant APIs to The Graph to index data from any smart contract deployed to Ethereum.
GraphQL Performance and Monitoring
32 min
GraphQL Performance and Monitoring
This Talk explores the performance implications of using GraphQL in a hotel property management system. It discusses optimizing GraphQL API calls, schema design, and caching using Data Loader. The use of automatic persisted queries and caching can improve performance. The impact of response size and pagination in GraphQL queries is also addressed. Additionally, the Talk emphasizes the importance of monitoring and testing queries, as well as improving perceived performance through visual feedback.
Hard GraphQL Problems at Shopify
164 min
Hard GraphQL Problems at Shopify
WorkshopFree
Rebecca Friedman
Jonathan Baker
Alex Ackerman
Théo Ben Hassen
 Greg MacWilliam
5 authors
At Shopify scale, we solve some pretty hard problems. In this workshop, five different speakers will outline some of the challenges we’ve faced, and how we’ve overcome them.

Table of contents:
1 - The infamous "N+1" problem: Jonathan Baker - Let's talk about what it is, why it is a problem, and how Shopify handles it at scale across several GraphQL APIs.
2 - Contextualizing GraphQL APIs: Alex Ackerman - How and why we decided to use directives. I’ll share what directives are, which directives are available out of the box, and how to create custom directives.
3 - Faster GraphQL queries for mobile clients: Theo Ben Hassen - As your mobile app grows, so will your GraphQL queries. In this talk, I will go over diverse strategies to make your queries faster and more effective.
4 - Building tomorrow’s product today: Greg MacWilliam - How Shopify adopts future features in today’s code.
5 - Managing large APIs effectively: Rebecca Friedman - We have thousands of developers at Shopify. Let’s take a look at how we’re ensuring the quality and consistency of our GraphQL APIs with so many contributors.
GraphQL Caching Demystified
21 min
GraphQL Caching Demystified
Today's Talk focuses on GraphQL caching and improving performance using Fastify and Mercurius. The experiment involves federated services, resolver caching, and load testing with AutoCANON. Enabling caching with a 0 second TTL can increase throughput by 4 times. The AsyncCacheDedupe module allows for efficient caching and avoiding unnecessary computations. Redis pipelining has improved requests per second by 100 times. Cache invalidation is an ongoing topic of development.
Full Stack GraphQL In The Cloud With Neo4j Aura, Next.js, & Vercel
161 min
Full Stack GraphQL In The Cloud With Neo4j Aura, Next.js, & Vercel
WorkshopFree
William Lyon
William Lyon
In this workshop we will build and deploy a full stack GraphQL application using Next.js, Neo4j, and Vercel. Using a knowledge graph of news articles we will first build a GraphQL API using Next.js API routes and the Neo4j GraphQL Library. Next, we focus on the front-end, exploring how to use GraphQL for data fetching with a Next.js application. Lastly, we explore how to add personalization and content recommendation in our GraphQL API to serve relevant articles to our users, then deploy our application to the cloud using Vercel and Neo4j Aura.

Table of contents:
- Next.js overview and getting started with Next.js
- API Routes with Next.js & building a GraphQL API
- Using the Neo4j GraphQL Library
- Working with Apollo Client and GraphQL data fetching in Next.js
- Deploying with Vercel and Neo4j Aura
How to Edge Cache GraphQL APIs
23 min
How to Edge Cache GraphQL APIs
Max Stoiber, co-founder of GraphCDN, discusses the challenges faced with RethinkDB and the need for caching in a read-heavy API. He explores how GraphQL clients handle caching and the potential of running a GraphQL client at the edge for faster response times. Authorization and cache key management at the edge are also discussed, along with the benefits of edge-caching and the importance of caching in GraphQL APIs. The audience response reveals that a significant percentage are already caching their APIs, while different use cases for caching and the concept of edge computing are explained.
GraphQL Authentication and Authorization at Scale
22 min
GraphQL Authentication and Authorization at Scale
This talk discusses the implementation of GraphQL Authentication and Authorization at scale at Unity. The speaker explains how they use GraphQL Federation to expose business functionality through a centralized schema and the challenges they faced in handling auth at scale. They describe how they simplified configuration and scaling using Mercurius and implemented hooks and an Orth plugin. The implementation at Unity involves a Unity Orth endpoint and a central Unity Orth directive definition. The talk also covers the implementation of AuthPolicyHandler and AuthDirective for downstream services and showcases different access levels. The Mercurius Auth plugin provides a scalable approach to authentication and ongoing improvements include adding support for a filter schema.
Semantic Search through the Complete Wikipedia with Weaviate’s GraphQL API
17 min
Semantic Search through the Complete Wikipedia with Weaviate’s GraphQL API
Weaviate is a database and search engine that uses a GraphQL API. It supports various machine learning models for data vectorization and search. The core functions of Weaviate are get, explore, and aggregate, which allow users to query and search through the data set. Weaviate provides fast and accurate results, allowing users to find anything in the dataset. The GraphQL API in Weaviate can be used for querying specific data and establishing graph relations.
GraphQL + Apollo + Next.js: A Lovely Trio
21 min
GraphQL + Apollo + Next.js: A Lovely Trio
This talk provides an overview of using GraphQL, Apollo, and Next.js together. It covers Next.js' data loading and routing capabilities, code generation with GraphQL, and generating TypeScript types. The talk also explores Apollo Client and its integration with GraphQL code generation. The speaker recommends checking out companion repositories and resources for more information.
Directive-driven GraphQL Development
21 min
Directive-driven GraphQL Development
Lenny Burdett discusses Directive-Driven GraphQL, a prototype for building GraphQL APIs. The approach involves adding and removing parts of the schema, and offers advantages over imperative systems. The prototype integrates GraphQL with gRPC, allowing for easy editing and reshaping of the schema. The gRPC DSL and directives determine the behavior of the API. The directive-driven approach also supports Apollo Federation and future work includes support for GraphQL unions and real-time data subscriptions.
Exploring the WordPress Graph with Next.js & WPGraphQL
23 min
Exploring the WordPress Graph with Next.js & WPGraphQL
WordPress is widely used, and it now supports a REST API for headless usage. Serving static HTML files allows for infinite scaling and surviving viral traffic. GraphQL can be used to interface with WordPress data, reducing complexity. WordPress can be coupled with plugins like Yoast and ACF, and WPGraphQL works seamlessly with these plugins. GraphQL allows for selecting only necessary data and has performance advantages over REST APIs.
Evaluating GraphQL for Setting Up an Enterprise-Grade Data Mesh
24 min
Evaluating GraphQL for Setting Up an Enterprise-Grade Data Mesh
This Talk explores the benefits of using GraphQL APIs for data, including representing domain models, addressing API tooling and infrastructure, and supporting interconnected data. It discusses model mapping, read APIs, filtering, sorting, and aggregating data, as well as mutations for invoking logic. The Talk also highlights the importance of standardizing infrastructure and leveraging GraphQL's automatic model mapping and authorization. Additionally, it touches on the use of specialized databases, the comparison between GraphQL and gRPC for data APIs, and the speaker's experience working on various parts of the stack.
Learning GraphQL: from curious to confident
135 min
Learning GraphQL: from curious to confident
WorkshopFree
Buddha Bhattacharya
Buddha Bhattacharya
GraphQL is a query language for APIs that provides a complete and understandable description of the data in your API while giving clients the power to ask for exactly what they need and nothing more. While there are a number of benefits of GraphQL, there are also various challenges to adopting GraphQL APIs within organisations. So, is GraphQL right for you? If so, where do you get started?

In this workshop, we will take you through the various concepts of GraphQL in a hands-on manner with the objective of helping the audience understand GraphQL as a technology and evaluate if it is the right choice for their project/organisation.

Table of contents:
- What is GraphQL - An overview of the technology and why it exists
- The REST v/s GraphQL debate
- The GraphQL ecosystem - tools and resources
- Project setup (React + Express + Tyk)
- GraphQL concepts: basic hands-on
- GraphQL API management with Tyk
- Schema stitching with Tyk Universal Data Graph
- Conclusion
Building a Serverless GraphQL API For Any Datasource With StepZen
75 min
Building a Serverless GraphQL API For Any Datasource With StepZen
WorkshopFree
Roy Derks
Roy Derks
Want to get started with building a GraphQL server but have no idea where to begin? Every (frontend) developer asks for a GraphQL API but often lacks the backend knowledge to create a performant one. There are many different flavours in creating the perfect GraphQL server, ranging from schema-first to code-first or even auto-generated solutions.

In this interactive workshop, you will learn about building a serverless GraphQL API using StepZen. With StepZen, you can create a GraphQL for any data source (SQL, NoSQL & REST) and even other GraphQL APIs within minutes. And even handle more complicated use cases such as authentication and deployment. Using little code, you'll get to combine different data sources in one fully performant API that you can use in your applications from day one.

Table of contents:
- What is StepZen?
- Connecting to a data source (SQL, NoSQL & REST)
- Using custom directives
- Handle sequence flows
- Deployment
The Secret to Graph Onboarding
24 min
The Secret to Graph Onboarding
Today's Talk focused on making GraphQL graphs more usable and approachable. It covered topics such as onboarding developers, enforcing graph usage, handling errors and authentication, creating a custom developer portal, enhancing the log-in button and query IDE experience, enforcing rules, and building and customizing public graphs.
Building a Serverless GraphQL API in 7 Minutes
8 min
Building a Serverless GraphQL API in 7 Minutes
Maxime Beunier, a developer advocate at MongoDB, demonstrates how to build a serverless GraphQL API using MongoDB Atlas and Realm. He creates a new app called Galaxy, links it to the production cluster, and deploys it in Ireland. He then shows how to authenticate users and obtain a token to access the GraphQL API. The demo showcases the ease and speed of building a serverless GraphQL API and provides all the necessary links for further exploration.
Building a GraphQL-native serverless backend with Fauna
143 min
Building a GraphQL-native serverless backend with Fauna
WorkshopFree
Rob Sutter
Shadid Haque
2 authors
Welcome to Fauna! This workshop helps GraphQL developers build performant applications with Fauna that scale to any size userbase. You start with the basics, using only the GraphQL playground in the Fauna dashboard, then build a complete full-stack application with Next.js, adding functionality as you go along.

In the first section, Getting started with Fauna, you learn how Fauna automatically creates queries, mutations, and other resources based on your GraphQL schema. You learn how to accomplish common tasks with GraphQL, how to use the Fauna Query Language (FQL) to perform more advanced tasks.

In the second section, Building with Fauna, you learn how Fauna automatically creates queries, mutations, and other resources based on your GraphQL schema. You learn how to accomplish common tasks with GraphQL, how to use the Fauna Query Language (FQL) to perform more advanced tasks.
Tooling and Processes for Managing GraphQL at Scale
18 min
Tooling and Processes for Managing GraphQL at Scale
This talk discusses the life of a GraphQL developer at Yelp, covering tooling, processes, and the scale of GraphQL usage. It emphasizes the importance of making good schema choices and using GraphQL Faker for quick iteration. The talk also highlights the challenges of using data loaders at Yelp and the solutions implemented, such as code generation and precommits. It mentions the significance of schema review, documentation, and GraphQL adoption. Lastly, it mentions the value of obsessive documentation and the use of vPress for generating markdown and an in-house UI for query reference.
Building GraphQL APIs With The Neo4j GraphQL Library
175 min
Building GraphQL APIs With The Neo4j GraphQL Library
WorkshopFree
William Lyon
William Lyon
This workshop will explore how to build GraphQL APIs backed Neo4j, a native graph database. The Neo4j GraphQL Library allows developers to quickly design and implement fully functional GraphQL APIs without writing any resolvers. This workshop will show how to use the Neo4j GraphQL Library to build a Node.js GraphQL API, including adding custom logic and authorization rules.

Table of contents:
- Overview of GraphQL and building GraphQL APIs
- Building Node.js GraphQL APIs backed a native graph database using the Neo4j GraphQL Library
- Adding custom logic to our GraphQL API using the @cypher schema directive and custom resolvers
- Adding authentication and authorization rules to our GraphQL API
Serving GraphQL Subscriptions Using PHP and Drupal
7 min
Serving GraphQL Subscriptions Using PHP and Drupal
This Lightning Talk discusses the setup of GraphQL subscriptions in a Drupal-based product, using Rescript and React on the client-side and the Urql GraphQL client. The choice of ReactPHP over AMP for the subscription service is explained, highlighting the use of Fibers in PHP 8.1 for asynchronous task handling.
Putting the Graph In GraphQL With The Neo4j GraphQL Library
23 min
Putting the Graph In GraphQL With The Neo4j GraphQL Library
The Talk discusses putting the graph in GraphQL with the Neo4j GraphQL Library. It explores building GraphQL APIs backed by a graph database and the comparison between Cypher and GraphQL. The Neo4j GraphQL library provides powerful features such as CRUD functionality, authorization, and pagination. It also covers topics like database integration, hiring for the GraphQL team, and deploying a GraphQL API with the Neo4j GraphQL library.
Build a GraphQL App with React
98 min
Build a GraphQL App with React
WorkshopFree
Johan Eliasson
Johan Eliasson
In this workshop, we'll build a React app from zero to one using a GraphQL API from Nhost.

Table of contents:
- Sign up to Nhost and create a Nhost app
- Create database table
- Set up React app
- Install Nhost and GraphQL dependencies
- Display data in React app
- Let users sign in
- Add GraphQL API permissions
Performance Monitoring of a Heterogeneous GraphQL Mesh App
8 min
Performance Monitoring of a Heterogeneous GraphQL Mesh App
Performance monitoring is crucial for businesses as users don't like to wait. The ApolloEngine tool helps track and analyze metrics, revealing response time variances and other information. Instana combines traces for service communication with infrastructure metrics and end user monitoring, implementing open telemetry. Apollo Studio is great for managing the GraphQL schema and provides full observability, enabling efficient root cause analysis.
Building GraphQL APIs on Ethereum
8 min
Building GraphQL APIs on Ethereum
This Talk is about building GraphQL APIs on top of Ethereum and the Ethereum virtual machine. The graph is an indexing protocol for querying blockchain networks like Ethereum and IPFS. Developers can build APIs called subgraphs to efficiently index data and make it available for querying from frontend applications. The graph serves over 1 billion queries per day and is used in various Web3 applications including DeFi, gaming, and NFT marketplaces. The process involves defining the data model using the GraphQL schema and contract addresses, deploying and testing the subgraph, and using a GraphQL client to query the subgraph.
Everything You Need to Get Your GQL Server Production Ready
130 min
Everything You Need to Get Your GQL Server Production Ready
WorkshopFree
Uri Goldshtein
Uri Goldshtein
There are always a lot of questions and conference talks about bringing GraphQL servers into production, but there aren’t a lot of good concrete steps and actions to follow. In the workshop Uri (The founder of The Guild) will walk you through The Guild’s process of bringing GraphQL Server into production.

We will add:

- Powerful Caching
- Logging, Monitoring and tracing
- Security features like Auth, Error Masking, Persisted Operations, Depth and Rate limit
If you are planning to have your GraphQL server running in production, this is a must have workshop for you!
Security Testing Automation for Developers on Every Build
82 min
Security Testing Automation for Developers on Every Build
WorkshopFree
Oliver Moradov
Bar Hofesh
2 authors
As a developer, you need to deliver fast, and you simply don't have the time to constantly think about security. Still, if something goes wrong it's your job to fix it, but security testing blocks your automation, creates bottlenecks and just delays releases, especially with graphQL...but it doesn't have to...

NeuraLegion's developer-first Dynamic Application Security Testing (DAST) scanner enables developers to detect, prioritise and remediate security issues EARLY, on every commit, with NO false positives / alerts, without slowing you down.

Join this workshop to learn different ways developers can access NeuraLegion's DAST scanner & start scanning without leaving the terminal!

We will be going through the set up end-to-end, whilst setting up a pipeline for a vulnerable GraphQL target, running security tests and looking at the results.

Table of contents:
- What developer-first DAST (Dynamic Application Security Testing) actually is and how it works
- See where and how a modern, accurate dev-first DAST fits in the CI/CD
- Integrate NeuraLegion's scanner with GitHub Actions
- Understand how modern applications, GraphQL and other APIs and authentication mechanisms can be tested
- Fork a repo, set up a pipeline, run security tests and look at the results
When (Not) To Create A GraphQL Server
8 min
When (Not) To Create A GraphQL Server
Building a scalable GraphQL server can be challenging. There are multiple reasons to build a GraphQL server, such as optimizing client requests and wrapping microservices. The SDL first GraphQL server allows you to write your schema separately from your resolvers, giving you full control. You can create a GraphQL API automatically from a schema, simplifying the process and eliminating the need for manual deployments. The schema can link data sources and third-party APIs, allowing for easy integration and customization.
All You (n)ever Wanted to Know about Introspection
20 min
All You (n)ever Wanted to Know about Introspection
Introspection in GraphQL allows APIs to be self-aware and self-discoverable. It eliminates the need for external standards or documentation and provides detailed information about types and fields. The introspection query provides insights into the schema, and GraphQL Tools allows schema transformation. The introspection result can be used for generating powerful tooling and detecting breaking changes in CI/CD pipelines.
GraphQL Security Testing Automation for Developers
9 min
GraphQL Security Testing Automation for Developers
Neuraligions is a dynamic application security testing scanner designed for developers to test apps, APIs, and ensure trusted security. It seamlessly integrates into pipelines, providing accurate results without false positives. The biggest issue with security scanners is accuracy, and Neuralegion addresses this by automatically validating findings and eliminating false positives. It also provides full visibility of recurring and new issues, along with developer-friendly remediation guidelines. Integrations with common tools and APIs make collaboration seamless and accurate.
GraphQL for Web and Mobile Apps Made Simple
6 min
GraphQL for Web and Mobile Apps Made Simple
Enhost provides a simple and accessible GraphQL backend for web and mobile apps. They offer a serverless infrastructure, taking care of setup and configuration, allowing developers to focus on app development. Enhost's stack includes a Postgres database, a Hasura-powered GraphQL API, Hasura Auth for authentication, Hasura Storage for file uploads, and support for functions in Node.js and Go. The backend is 100% open-source and includes features like event triggers, a CLI for local development, and GitHub integration. With Enhost, there are no excuses not to use GraphQL and build apps that users will love.
All Things Graph...
8 min
All Things Graph...
GraphQL is an up and coming trend in API development, allowing for the combination of REST endpoints into a single API call. Tyk, an open source API gateway vendor, is now offering full lifecycle API management. With GraphQL, developers can import REST APIs into Tyk and convert them into GraphQL APIs, simplifying the process and reducing the number of API calls required. This lightning talk provides a demonstration of importing IDs, defining data sources, and combining endpoints using GraphQL.
GraphQL Workshop Medley to build cloud native apps with Open Source Distributed SQL database
155 min
GraphQL Workshop Medley to build cloud native apps with Open Source Distributed SQL database
WorkshopFree
Nikhil Chandrappa
Eric Pratt
Marko Rajcevic
Taylor Mull
4 authors
YugateDB is a popular open-source Distributed SQL database designed and built for cloud native applications from the ground up. YugateDB allows developers to easily scale the RDBMS workloads for internet-scale apps while natively handling the cloud infrastructure outages supporting cross-region and cross Datacenter deployments. In this workshop, participants will get firsthand experience implementing GraphQL applications using three of the most popular GraphQL engines in Hasura, Prisma, and Spring GraphQL connected to the YugateDB database.

This workshop will provide quick start guides for GraphQL developers for getting started with YugateDB. The workshop will include steps for creating a YugateDB database instance, configuring the database for the respective GraphQL engine, and the best practices for writing the GraphQL queries for YugateDB. From this workshop session, developers will know all the main concepts of getting started with YugateDB and GraphQL to solve the business use case at hand using YugateDB.
GraphQL Beyond HTTP APIs
8 min
GraphQL Beyond HTTP APIs
GraphQL can be used beyond HTTP, including scenarios like WebSockets for real-time messaging. It is versatile and can handle background jobs, generate reports, export large amounts of data, and handle webhook payloads. GraphQL's support for WebAssembly allows for executing user-provided code while maintaining security and authorization.
Scalable GraphQL Applications Powered by Cloud-ready Distributed SQL Database
8 min
Scalable GraphQL Applications Powered by Cloud-ready Distributed SQL Database
YugabyteDB is an open-source distributed SQL database that offers horizontal scalability and geo-distribution while maintaining Postgres compatibility. It enables building scalable and always-on GraphQL services by allowing the workload to be scaled through the addition of new nodes and deployment across different regions or clouds. YugabyteDB also supports geo-partitioning and data compliance. It can easily handle increasing GraphQL workloads and can be tried out by downloading the database or using the Yugabyte Cloud platform.
Enlist the Help of Your Schema for Caching!
6 min
Enlist the Help of Your Schema for Caching!
In this lightning talk, the speaker discusses best practices for caching GraphQL APIs. They emphasize the importance of consistent naming and configuration for caching fields. Keeping types consistent and making the cache aware of the schema can improve efficiency. The speaker also suggests splitting queries to optimize caching and reduce server round trips.
How to Make GraphQL Security Easier with StackHawk
9 min
How to Make GraphQL Security Easier with StackHawk
StackHawk is a dynamic application security testing tool that integrates with CI/CD workflows and helps developers quickly understand and fix security issues. It can be used to test running HTTP applications and API endpoints for security bugs, and provides simple descriptions and examples of security issues. The talk demonstrates testing a blog service with StackHawk, which identified critical security vulnerabilities like SQL injection and remote OS command injection. StackHawk allows developers to easily investigate and fix these issues by providing well-formatted requests and allowing for easy replay in the application.
GraphQL Security Testing Technical Workshop
104 min
GraphQL Security Testing Technical Workshop
WorkshopFree
Zachary Conger
Zachary Conger
We’ve all heard the buzz around pushing application security into the hands of developers, but if you’re like most companies, it has been hard to actually make this a reality. You aren’t alone – putting the culture, processes, and tooling in place to make this happen is tough – especially for sophisticated applications like those backed GraphQL. In this hands-on technical session, StackHawk Senior DevOps Engineer, Zachary Conger, will walk through how to protect your GraphQL APIs from vulnerabilities using automated security testing. Get ready to roll-up your sleeves for automated AppSec testing.