Registration is NOW Open
Marriott Wardman Park
2660 Woodley Rd NW
Washington DC, District of Columbia 20008 USA
Phone: 1-202-328-2000 

Book Now 
*discount rates expire August 19, 2019
Back To Schedule
Monday, September 9 • 9:00am - Tuesday, September 10 • 5:00pm
A Builder’s Guide to Single Page Application Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Whether you like it or not, we all live in a world of Single Page Applications. Frontend JavaScript frameworks such as Angular and React have changed the way we build web applications. However, did you know that these frameworks also disrupt the security landscape? For example, Angular and React change the nature of XSS as we know it. They also conflict with modern security measures, such as Content Security Policy.
In this training, you will learn how to build secure Single Page Applications. We cover changes in the security model of an application, common threats to an application, framework features that increase security, and state-of-the-art security technology you should start using. Concretely, we will cover the following topics:
  • XSS in Angular and React
  • Advanced injection attacks
  •  The limitations of CSP in Single Page Applications
  •  Recent developments in CSP
  • Protecting yourself against malicious third-party content
  • JWT abuse and best practices
  • The intricacies of Cross-Origin Resource Sharing
  • Recent developments in using OAuth 2.0 and OpenID Connect
The training consists of both lectures and hands-on lab sessions. Lectures go into depth on security threats and mitigation strategies. Labs are conducted in a custom-built competitive lab environment. Security challenges give you hands-on experience with attacks and defenses. You will walk away from this training with an overview of current best practices, along with actionable advice on implementing them.

avatar for Philippe De Ryck

Philippe De Ryck

Founder, Pragmatic Web Security
Philippe De Ryck helps developers protect companies through better web security. As the founder of Pragmatic Web Security, he travels the world to train developers on web security and security engineering. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional... Read More →

Monday September 9, 2019 9:00am - Tuesday September 10, 2019 5:00pm EDT
Lincoln 3