Description
Course info
Rating
(352)
Level
Intermediate
Updated
Apr 4, 2015
Duration
1h 42m
Description

Frequently, the first thing a developer knows of a serious security flaw in their application is when it’s too late and it’s already been exploited. There’s a broad range of security risks and corresponding mitigations within web applications and it’s absolutely essential that developers learn how to identify these themselves. This course walks through a typical security review of an established web application and identifies which practices have been done well and then which ones could be improved. It’s a technology agnostic course – it doesn’t matter whether you work in ASP.NET or Node or PHP, this is all about the web and applies equally to all apps that run in the browser.

About the author
About the author

Lars is an author, trainer, Microsoft MVP, community leader, authority on all things Windows Platform, and part time crocodile wrangler. He is heavily involved in the space of HoloLens and mixed reality, as well as a published Pluralsight author, freelance solution architect, and writer for numerous publications.

More from the author
Managing Scope Creep
Beginner
1h 22m
Jul 5, 2018
Play by Play: Fundamentals of Angular Testing
Intermediate
1h 57m
May 31, 2018
More courses by Lars Klint
About the author

Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.

More from the author
Modern Browser Security Reports
Beginner
57m
Aug 3, 2018
More courses by Troy Hunt
Section Introduction Transcripts
Section Introduction Transcripts

Secure Account Management
Hi. I'm Lars Klint. I'm a developer and author with Pluralsight and I'm here today with Troy Hunt that I've asked to do a security review of an application that we've done at the company I work for. So thanks Troy for having a look at this app and then giving it, well, your treatment. Yeah, thanks Lars. Yeah, we've given it a little bit of a treatment and look what I've done and what we're going to do today is pretty much what I do for any app where someone says look we want to have a security review, we want to go through and see how the thing is put together and where the sort of common vulnerabilities are. So that's what I've done for you and we're going to go through that whole process today. So should I be excited or scared? Yes. A little bit of both. So maybe where we should start is just a little bit of context, what does this app do?