Breaking Tokens: Modern Attacks on OAuth, OIDC, and JWT Auth Flows (<– add to your schedule)
Modern authentication systems like OAuth and OIDC are often misunderstood. This talk demonstrates real-world attacks such as token replay and session hijacking, shows how weak configurations lead to compromise, and shares practical defense strategies to secure your auth flows.
Bhaumik Shah:
Bhaumik Shah is a cybersecurity leader and founder of Securify, where he helps organizations secure their cloud, applications, and infrastructure through penetration testing, red team operations, and compliance programs like SOC 2 and ISO 27001. With over a decade of experience uncovering vulnerabilities in complex environments — from AWS misconfigurations to API flaws — he has worked with startups, enterprises, and government agencies to strengthen their security posture. Bhaumik is passionate about sharing real-world lessons from the field, mentoring the next generation of security professionals, and occasionally sneaking in a pop-culture reference or two to make security just a little more fun.