South Texas ISSA
What: Instructor-Led Skills Workshop
When: November 21, 2025
Hours: 11:30 – 1:30 pm Central
Instructor:
Ivonne Fernandez, Cybersecurity Architect
Location:
Microsoft
750 Town and Country Blvd., #1000
Houston, TX 77024
ISSA Members: $20, includes 2 CPEs
ISSA Non-Member: $30, includes 2 CPEs
***NOTE: ISSA requires a minimum of 10 enrolled students to run this workshop If the minimum is not met, the class may be postponed or canceled.
***NOTE: This is a participatory event; please remember to bring your laptops. ***
Prerequisites:
• Knowledge of basic security and cloud concepts, and familiarity with Postman.
Who Should Attend:
Security engineers, developers, architects, and IAM professionals seeking practical, hands-on guidance on modern authentication and token security. Suitable for beginners and intermediate practitioners.
Description:
Secure your apps without slowing down users! Join this hands-on session to demystify OAuth 2.0 and OpenID Connect while learning practical defensive techniques to protect applications and user data.
What You’ll Learn:
- How to choose the right authentication flow for your app (confidential vs. public)
- Deep dive into Authorization Code Flow with PKCE — now the gold standard for SPAs & mobile apps
- Why the Implicit Flow is deprecated and what to use instead
- Using Client Credentials Flow for secure machine-to-machine communication
- How to interpret JWT tokens safely: uncover which IdP issued them, what APIs they access, and potential sensitive info
- Detect and remediate misconfigurations that pose security risks
Requirements:
Note: This is a defensive, hands-on training. We focus on tokens you legitimately own and how to secure them — no unauthorized access will be covered.
We’ll use Auth0 as the IdP for all demos and labs.
Instructor Bio:
Ivonne Fernandez is a Cybersecurity Architect with over a decade of experience designing secure, scalable, and compliant digital ecosystems across enterprise and cloud environments. She specializes in Customer Identity and Access Management (CIAM), helping organizations strengthen trust and security in their digital interactions. Ivonne holds a Master of Science in Information System Security from the University of Houston and a Certificate in Full Stack Web Development from Rice University. She is also a Certified Cloud Security Professional (CCSP).
Questions: Contact "Dr. Tom" Duffey, South Texas ISSA Education Director (education@southtexas.issa.org)
Please Note: ***Registration closes Nov 19, at 5:00 PM Central***
Also Note: Members, please verify your email address on file with ISSA. This is where all course correspondence will be sent to members for CPEs.
