There are many misconceptions among developers and managers about the nature and responsibility of web application security. Contrary to popular belief:
Looking at the OWASP Top 10, we can see that most attacks are performed using simple attack vectors that rely on ignorance or negligence on the part of the developers. Attacks using zero-day or underlying OS exploits are rare and used only against high-profile targets.
Breaches in security are becoming more and more expensive - according to a recent survey by PWC, the average cost of a breach is between 116 000$ - 480 000$ for small companies, and between 2 250 000$ - 4 860 000$ for big companies.
The website you build might not be Facebook with hundreds of millions of users, but that doesn't matter. Attackers use mass scanning techniques to find and compromise easy targets no matter how small, because it's ultimately your users that they are after. Breaking your security can help compromise more prominent targets - you might just be the weakest link in the chain.
Experts in the field spend most of their time looking for new vulnerabilities or performing penetration testing to discover your code's deficiencies. Mitigation within your application is not their job - it's yours. Learn and become a better developer so you won't have to discover vulnerabilities through exploits.
Discover the core traps of JavaScript and Node.js. Learn to set up and protect a secure environment for your application.
Learn to mitigate the main attack vectors against authentication, session management and authorization systems.
Study the complexities of securing your browser-side code. Implement various defences against attacks targeting your users.
Find out how to handle and store your data securely. Mitigate various data-stealing attack vectors.
Take the power from attackers by learning to avoid vulnerabilities in your input handling.
Learn to systematically analyze your existing code to discover vulnerabilities and apply mitigation.