GOTO 2019 • Building Secure React Applications • Philippe De Ryck
This presentation was recorded at GOTO Berlin 2019. #GOTOcon #GOTOber
http://gotober.com
Philippe De Ryck - PhD in web security, OWASP and practical security mastermind and founder of Pragmatic Web Security
ABSTRACT
React is a secure framework. It handles cross-site scripting (XSS) out of the box. While these statements sound very hopeful, they are unfortunately far from reality. Building secure applications with React is easier than starting from scratch. However, even with React, there are several guidelines and considerations to take into account.
In this session, we take a deep-dive into two particular topics. We take a close look at XSS, React's defenses, and the responsibilities of the developer. The second topic zooms in on the challenges with including NPM dependencies. We look at how attackers abuse NPM to target your application. Throughout these topics, we build a set of concrete guidelines you can immediately apply to [...]
Download slides and read the full abstract here:
https://gotober.com/2019/sessions/833/building-secure-react-applications
https://twitter.com/GOTOber
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#Security #OWASP #React
Looking for a unique learning experience?
Attend the next GOTO Conference near you! Get your ticket at http://gotocon.com
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Видео GOTO 2019 • Building Secure React Applications • Philippe De Ryck канала GOTO Conferences
http://gotober.com
Philippe De Ryck - PhD in web security, OWASP and practical security mastermind and founder of Pragmatic Web Security
ABSTRACT
React is a secure framework. It handles cross-site scripting (XSS) out of the box. While these statements sound very hopeful, they are unfortunately far from reality. Building secure applications with React is easier than starting from scratch. However, even with React, there are several guidelines and considerations to take into account.
In this session, we take a deep-dive into two particular topics. We take a close look at XSS, React's defenses, and the responsibilities of the developer. The second topic zooms in on the challenges with including NPM dependencies. We look at how attackers abuse NPM to target your application. Throughout these topics, we build a set of concrete guidelines you can immediately apply to [...]
Download slides and read the full abstract here:
https://gotober.com/2019/sessions/833/building-secure-react-applications
https://twitter.com/GOTOber
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#Security #OWASP #React
Looking for a unique learning experience?
Attend the next GOTO Conference near you! Get your ticket at http://gotocon.com
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Видео GOTO 2019 • Building Secure React Applications • Philippe De Ryck канала GOTO Conferences
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
GOTO 2019 • Common API Security Pitfalls • Philippe De Ryck
Building Secure React Applications
GOTO 2019 • "Good Enough" Architecture • Stefan Tilkov
GOTO 2016 • Leadership at Every Level • Liz Keogh
GOTO 2019 • An Engineer's Guide To Burnout And How To Hack It • Tim Duckett
GOTO 2019 • Modern Continuous Delivery • Ken Mugrage
GOTO 2018 • Introduction to OAuth 2.0 and OpenID Connect • Philippe De Ryck
The Parts of JWT Security Nobody Talks About | Philippe De Ryck, Google Developer Expert
The truth about cookies, tokens and APIs - Phillipe de Ryck
GOTO 2019 • Monolith Decomposition Patterns • Sam Newman
"Reviewing and Securing React Applications" - Amanvir Sangha
GOTO 2017 • Why is Rust Successful? • Florian Gilcher
Getting Single Page Application Security Right by Philippe De Ryck
GOTO 2020 • Talking With Tech Leads • Patrick Kua
Gary Hockin - Understanding the OWASP Top 10
GOTO 2018 • Event-Driven Microservices - not (just) about Events! • Allard Buijze
Principles Of Microservices by Sam Newman
Building Secure React Applications by Jim Manico
GOTO 2019 • You Really Don't Need All that JavaScript, I Promise • Stuart Langridge
GOTO 2017 • Confusion In The Land Of The Serverless • Sam Newman