Security matters. Almost developer agrees on this. However, building a secure application is a lot harder than it sounds. There are so many things to take into account, and so much information to sift through. Even with the best intentions, security often takes a back seat out of necessity.

This workshop changes that. In this workshop, we focus on the secure foundation every Angular application should have. We start by looking into fundamental isolation techniques. Next, we cover pertinent high-risk attack vectors and look into available and adequate countermeasures. Throughout the class, we build up a set of best practices. In the end, you walk away with the knowledge to improve the security of your applications.

Participation in the workshop requires a laptop with admin rights, capable of running a VirtualBox VM.

Outline

* The security model of the web
* The impact of HTTPS on your application
* Letting Angular deal with XSS for you
* Advanced injection attacks in an Angular application
* Managing session data securely
* The security implications of client-side data storage
* Safely using and embedding third-party dependencies
* Overview and conclusion

Language
English

About your Trainer

Dr. Philippe De Ryck
Founder of Pragmatic Web Security, Google Developer Expert

Philippe is a professional trainer and speaker on web security. He travels the world to teach developers the ins and outs of security engineering. He holds a Ph.D. in web security from KU Leuven.