MergePHP - Webhooks: The Good, The Bad, and the Ugly

Webhooks are a pillar of modern application development. They notified us of that new commit, an incoming text message, our email was delivered, and payment was processed. Our systems can only function with webhooks sending data seamlessly and securely across the internet.

But what happens if they're not secure? What happens if your webhooks are intercepted, manipulated, or even replayed against your systems? What are the best ways to protect our systems as providers and consumers? In this session, we'll delve into the 100+ implementations we explored to build webhooks.fyi to identify the best and worst patterns to protect our systems now and in the future.

Speaker: Keith Casey serves on the Product/GTM Team at ngrok helping teams launch their systems faster and easier than ever before. Previously, he served on the Product Team at Okta, working on Identity and Authentication APIs, as an early Developer Evangelist at Twilio, and worked to answer the Ultimate Geek Question at the Library of Congress. His underlying goal is to get good technology into the hands of good people to do great things. In his spare time, he writes at CaseySoftware.com and lives in the woods. He also co-authors "A Practical Approach to API Design."

MergePHP is:

• AtlantaPHP
• AustinPHP
• AZ PHP
• BostonPHP
• Kansas City PHP
• San Diego PHP
• SeattlePHP
• UtahPHP
• Vegas PHP
• Vancouver PHP

Subscribe to our Channel: https://www.youtube.com/c/MergePHP
Follow us on Mastodon: https://phpc.social/@merge.

Speaker Signups: https://mphp.io/speakers
Suggest Speakers: https://mphp.io/suggest

---
Join the TexasPHP or PHPC Chat: https://austinphpchat.com

Like us on LinkedIn (https://www.linkedin.com/company/austinphp)