GraphQLConf 2026 has ended
May 19 - 20 | In-Person Only
GraphQLConf 2026 website

The Sched app allows you to build your schedule but you must also be registered for GraphQLConf 2026 to participate in the sessions.

Please note: This schedule is automatically displayed in Pacific Daylight Time (UTC-7). To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Type: Security
Tuesday, May 19
3:20pm PDT

The Invisible Fortress: Embedding Zero-Trust Governance in the Supergraph - Gaurav Singh & Sulbigar Shanawaz, Capital One
Tuesday May 19, 2026 3:20pm - 3:45pm PDT
In high-stakes industries, a GraphQL schema is more than a technical contract—it is a live map of your enterprise’s risk surface. For security teams, schema modifications are often "black box" events that threaten data integrity. To scale safely, we must move beyond manual gatekeeping to a Zero-Trust Supergraph where security is an invisible, automated fortress.

We will present a framework for Embedded Governance to bridge engineering and enterprise risk. Learn how to transform your graph's technical "menu" into a transparent Data Marketplace with radical observability, ensuring built-in security and compliance.

Attendees will learn to:
- Navigate the Risk Primer: Translate GraphQL features (types, fields, directives) into risk language to build organizational trust.
- Shift Security Left: Automate security with secure frameworks and replace manual reviews.
- Architect for Data Isolation: Use fine-grained access control to manage entitlements and prevent unauthorized data exposure.
- Harden the Control Plane: Reduce attack surface using technical strategies like disabling introspection and enforcing persisted query ownership.
Speakers
Gaurav Singh

Distinguished Engineer, Capital One
Gaurav Singh serves as a Distinguished Engineer and Cybersecurity Architect at Capital One. His contributions were pivotal in the enablement of GraphQL Federation throughout the enterprise, which involved the introduction of open-source GraphQL federation products, a dedicated GraphQL... Read More →
Sulbigar Shanawaz

Distinguished Engineer, Capital One
Sulbigar Shanawaz is a Distinguished Engineer at Capital One, where he leads architectural strategy for the Enterprise Entitlements platform. He specializes in centralizing customer data security by engineering robust validation frameworks for regulatory, compliance, and audit requirements across hig... Read More →
Boardroom
  Security
  • Audience Level Any
  • Presentation Slides Attached Yes
Wednesday, May 20
10:15am PDT

Lightning Talk: GraphQLShield: CWE-Aware Defense in Depth for GraphQL APIs in Go - Ravi Sastry Kadali, Open Source Contributor
Wednesday May 20, 2026 10:15am - 10:25am PDT
GraphQL APIs face a unique threat landscape: deeply nested queries cause resource exhaustion, introspection exposes entire schemas, and mutation variables carry injection payloads past traditional WAFs. Yet most Go-based GraphQL servers ship with zero security middleware between HTTP and resolver execution.

I introduce GraphQLShield, an open-source Go middleware bringing defense-in-depth to GraphQL APIs through three layers: (1) Static schema analysis detecting cyclic types, missing depth limits, and sensitive field exposure before deployment; (2) Runtime CWE-aware input sanitization catching SQL injection, XSS, command injection, path traversal, and NoSQL injection in GraphQL variables — bridging go-safeinput’s MITRE CWE Top 25 coverage to GraphQL; and (3) Resolver code auditing inspired by gosec and cryptoguard-go flagging insecure crypto, hardcoded secrets, and missing auth checks.

A quick demo shows GraphQLShield intercepting 7 attack vectors against a gqlgen API, from SQL injection in mutation variables to depth-based DoS, while legitimate requests pass cleanly. Attendees leave with a zero-dependency Go library covering 14 CWE vulnerability classes across static and runtime analysis.

Speakers
Ravi Sastry Kadali

Go Ecosystem Contributor & Security Engineer, Open Source Contributor
Ravi Sastry Kadali is a security and systems engineer with over 20 years of experience building production infrastructure across defense, enterprise, and hyperscale consumer platforms — with Go as his tool of choice. He is a contributor to the Go project itself (golang/go), with... Read More →
Grand Ballroom II - IV
  Security

11:25am PDT

Coordinated Access Control with @policy - Huang Minghe, Booking.com
Wednesday May 20, 2026 11:25am - 11:50am PDT
At a company like Booking.com, every sensitive field in the GraphQL schema has more than one team with a legitimate claim on it — Security, Identity, Legal, Privacy, Data Governance, the Traffic Gateway, the Federation Platform, and the hundreds of domain teams that own the data itself. When that many stakeholders need to agree on what "authorized" means for a single field, you don't have a security problem; you have a coordination problem. And solving it as security only makes it worse.

This talk shares how we turned that coordination problem into a contract using a single federation directive — @policy. Domain teams author rules for the data they own. Privacy and Identity contribute cross-cutting concerns. Other domains compose by reference instead of re-authoring. The router is the only place enforcement happens. One audit trail. No cross-team meetings.

What you'll learn:
  • Why multi-stakeholder access control is a coordination problem, not a security one
  • How @policy becomes the coordination contract between domain teams, cross-cutting authorities, and the federation platform
  • The single-enforcement-point + bounded-authorship + free-reuse architecture — and how it lets new teams adopt without coordination overhead
Speakers
Huang Minghe

Senior Software Engineer, Booking.com
Minghe is a Senior Engineer at Booking.com with over 15 years of industry experience spanning DevOps, web, and mobile development. Recently, he has been maintaining the GraphQL federation platform at Booking.com, focusing on efficiently managing large scale schemas and federating... Read More →
Grand Ballroom II - IV
  Security

4:25pm PDT

Lightning Talk: DoS Wars: Revenge of the Fragments - Sachin Shinde, Apollo GraphQL
Wednesday May 20, 2026 4:25pm - 4:35pm PDT
Fragments—an indispensable tool for modularizing data requirements alongside client code, but also a denial-of-service attack vector for servers. Security guides will tell you to mitigate by validating queries and performing cost analysis, usually via field costs and list sizes. However, this focus on field execution can distract from how fragments affect the rest of the server stack. In this lightning talk, we explore the attack patterns and mitigation strategies for the fragment-based vulnerabilities at the core of CVE-2025-31496, CVE-2025-32030, CVE-2025-32033, and CVE-2025-32034.
Speakers
Sachin Shinde

Staff Software Engineer, Apollo GraphQL
Working on all things federation and orchestration at Apollo, previously worked on the Apollo Studio schema and metrics pipelines.
Grand Ballroom II - IV
  Security
  • Audience Level Any
  • Presentation Slides Attached Yes