JavaScript: Security Essentials

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 0h 45m | 156 MB

Web security guidelines are useful. Penetration testing finds weak points in code and infrastructure. Somewhere in the middle, though, developers need to create resilient code. In this course, Emmanuel Henri equips JavaScript developers with the basic knowledge and techniques they need to keep their JavaScript applications secure. Discover how to approach the challenges of cross-site scripting, cross-site request forgery, server-side injection, and obfuscation, as well as how to best approach sensitive data risks. Throughout the course, Emmanuel shows what these threats actually look like in code, demonstrates syntax corrections you can make to fix these issues, and shares best practices for dealing with key threats.

Topics include:

  • Key threats to be aware of as a JavaScript developer
  • Risks posed by cross-site scripting
  • Best practices for dealing with cross-site request forgery threats
  • Dealing with sensitive data risks
  • Preventing server-side injection
  • Preventing obfuscation

Table of Contents

Introduction
1 Build effective and secure JavaScript applications
2 What you should know

Overview of Security Concepts
3 Overview of the most common threats
4 List of available resources
5 Overview of this course's approach

Security Applied XSS
6 What is cross-site scripting (XSS)
7 Example of XSS in code
8 Final syntax applied XSS
9 Best practices for XSS threats

Security Applied CSRF
10 What is cross-site request forgery (CSRF)
11 Overview of JSON Web Token (JWT)
12 Overview of Auth0
13 Best practices for CSRF threats

Security Applied Sensitive Data
14 What are sensitive data risks
15 Overview of the encryption
16 List of the crypto libraries
17 Best practices for sensitive data

Security Applied SSJI
18 What is server-side JavaScript injection (SSJI)
19 Example of SSJI code
20 How to prevent SSJI

Security Applied Obfuscation
21 What is obfuscation
22 Tools for scrambling your data
23 Best practices for scrambling data

Conclusion
24 Next steps