Latest GraphQL Security posts

BasicsDevOpsDirectivesError HandlingExamplesFile UploadsFilteringFragmentsGolangPaginationPythonRuby
Security
May 26, 2021

9 Ways To Secure your GraphQL API — GraphQL Security Checklist

GraphQLSecurity

So you’ve built out your GraphQL API, and you’re nearly ready to deploy it to production. Fantastic. Let’s talk security: a significant part of every stable application on the internet. It’s worth taking some time to mitigate the most common issues. In this article, we will explore three main areas for how to secure your […]

May 7, 2021

Why You Should Disable GraphQL Introspection In Production – GraphQL Security

BackendGraphQLSecurity

Once your graph is up and running in production, like anything else on the internet, it’s a good idea to implement precautions to prevent it from being compromised by bad actors. Disabling introspection in production is a widely debated topic, but we believe it’s one of the first things you can do to harden your […]

February 21, 2018

Securing Your GraphQL API from Malicious Queries

BackendCommunityHow-toSecurity

With GraphQL you can query exactly what you want whenever you want. That is amazing for working with an API, but also has complex security implications. Instead of asking for legitimate, useful data, a malicious actor could submit an expensive, nested query to overload your server, database, network, or all of these. Without the right […]

Recent posts

November 25, 2021

What is a Graph Database? | Why GraphQL is Not a Graph Database

by Khalil Stemmler
November 24, 2021

5 Reasons Why I Joined Apollo GraphQL

by Chris Shaw
November 19, 2021

GraphQL Summit Recap: Everything We Launched

by Jessica Hofman

Company

Community

Help