Adventures in Angular
AiA 268: Secure Angular Apps with Philippe De Ryck
In this episode of Adventures in Angular the panel interviews Phillipe De Ryck. Phillipe is a web security expert out of Belgium. He shares ways for Angular developers to better secure their apps. Phillipe explains to the panel that his goal is not to shame developers but inspire them to do what they can. He knows most developers are just trying to get as much done in the time that they have. In this episode, he shares ways for developers to improve the security of their apps.
December 10, 2019
53:41
Episode 268
Hosted by
Special Guests
AiA 268: Secure Angular Apps with Philippe De Ryck
Adventures in Angular
53:41
0:00
53:41
Speed:
Share This Episode
Show Notes
In this episode of Adventures in Angular the panel interviews Phillipe De Ryck. Phillipe is a web security expert out of Belgium. He shares ways for Angular developers to better secure their apps. Phillipe explains to the panel that his goal is not to shame developers but inspire them to do what they can. He knows most developers are just trying to get as much done in the time that they have. In this episode, he shares ways for developers to improve the security of their apps.
The episode starts with some security scary stories. Phillipe invites everyone to check out the OWASP top ten projects. They have lists of the top ten security measures you should be doing, they have lists for different ecosystems and types of projects so there is something there for everyone. Phillipe explains what types of attacks are most common today.
The panel wonders how do you know something is safe to install. Phillipe explains that there are no guarantees. Sharing statistics Phillipe tells then panel that it is worse than they thought, each package is most likely dependent on more packages and the odds are high that one of those packages has vulnerable code. He explains what you can do to check for those vulnerabilities and to see if they are exploitable.
Phillipe shares recommendations for continuous monitoring services and other tools. He explains why Angular is the best framework for securing your apps and lists all the security features that come with Angular. He compares Angular, React, Amber, and Vue.
Phillipe gives his opinion and recommendation on authentication libraries. He explains the differences between OpenID Connect and Allout, explaining how they work. The episode ends as Phillipe shares his contact information and the conferences he will be attending and speaking at.
Panelists
- Aaron Frost
- Jennifer Wadella
- Brian Love
- Alyssa Nicoll
Guest
- Philippe De Ryck
Adventures in Angular is produced by DevChat.TV in partnership with Hero Devs
Sponsors
Links
- OWASP Top Ten Project
- GitHub dependency graph
- https://snyk.io
- Angular and the OWASP top 10 | Philippe De Ryck |
- The Parts of JWT Security Nobody Talks About | Philippe De Ryck, Google Developer Expert
- https://twitter.com/philippederyck
- https://pragmaticwebsecurity.com
- https://www.facebook.com/adventuresinangular
- https://twitter.com/angularpodcast
Picks
Brain Love:
Jennifer Wadella:
Aaron Frost:
- The listeners
- The sponsors
- The panel
Alyssa Nicoll:
Philippe De Ryck:
Special Guest: Philippe De Ryck.