What Every Developer Must Know About HTTPS
By Troy Hunt
Course info
Course info
Description
Securing the transport layer of any application talking over the web is becoming an absolutely essential attribute of modern software. However, HTTPS is frequently not implemented due to perceived (rather than actual) barriers and when it is, it's often done poorly. Not only that, but many modern browser features that can help streamline secure communications (and actually make it more efficient and resilient) are rarely used. In this course, What Every Developer Must Know About HTTPS, you will learn all about why you need HTTPS. First, you'll learn the many positive things that HTTPS does. Next, you'll learn about what many people perceive as barriers to HTTP adoption. Finally, you'll spend some time exploring some topics that go outside of the the basics of HTTPS. By the end of this course, you'll have a fundamental knowledge to both implement HTTPS properly from the outset and retrofit it to existing applications.
About the author
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.
More from the author
Section Introduction Transcripts
Course Overview
Hi, this is Troy Hunt, and welcome to my course on what every developer must know about HTTPS. I've created dozens of plural site courses over the years on all sorts of aspects of web security, so I spend a huge amount of my time doing that and traveling around the world talking to developers in all sorts of different organizations about how to secure their things on the web. Some of the things you'll learn in this course is why we need HTTPS. We run through a bunch of the fundamentals, about all sorts of different positive things that HTTPS does before we dive into what you actually need to do to secure your apps. You'll also learn about what many people perceive as barriers, so HTTPS adoption, and then you'll see why they simply don't apply anymore. I go through a lot of examples in industry precedents that will contextualize just why HTTPS is so important. You'll see where it's all gone wrong before and learn how to implement this essential security defense properly. By the end of this course, you'll be all set to roll out HTTPS in your app, and if you already have it, you'll almost certainly learn a bunch of new tricks to make it faster, more secure, and more reliable. No matter what platform you're working on, this is a great course for learning everything you need to know as a developer about properly implementing HTTPS.