Web Security Training

Navigating the web security landscape

Navigating the web security landscape

trainingsessions – Resources

Building Secure Angular Applications

Blog The slides from my talk about security in Angular applications. It covers Angular's built-in XSS protection, and points out how you can use Subresource Integrity, Content Security Policy and Sandboxing to further improve the security of your application. Read More ›

trainingsessions – Resources

Secure Authentication with OAuth 2.0 in Ember

Blog The slides for the workshop on Secure Authentication with OAuth 2.0 in an Ember application, as given during a workhop at EmberConf 2017. Read More ›

trainingsessions – Resources

Boosting the Security of your Angular Application

Blog The slides from my talk about security in Angular applications. It covers Angular's built-in XSS protection, and points out how you can use Subresource Integrity, Content Security Policy and Sandboxing to further improve the security of your application. Read More ›

trainingsessions – Resources

Demystifying Spring Security headers by example

Blog I talked about Spring Security, and the great job it does enabling various security headers by default. But do you know what they actually mean? Find out in this talk. Read More ›

digest – Article

The websec digest #11

Blog The websec digest gives you a filtered overview of noteworthy incidents, interesting technologies and upcoming events. This edition covers two noteworthy stories that dwarf other news: the SHA1 collision produced by Google, and the data leakage over at Cloudflare. Read More ›