Jackie

What The Hack is Web App Sec?

Is AI-assisted 'vibe coding' making your applications more vulnerable to decades-old attacks? It's time to build a culture of shared responsibility for security.

What The Hack is Web App Sec?
#1about 1 minute

Making web application security accessible to developers

Web application security is a critical but often overlooked topic that can be made more engaging for developers through relatable storytelling.

#2about 2 minutes

A developer's path from operations to security

A background in operations provides a natural entry point into security, highlighting that it's an encompassing field involving people and processes, not just technology.

#3about 3 minutes

Comparing the challenges of security and accessibility

Security and accessibility share common challenges as they are both complex, often addressed late in the development process, and require a holistic approach.

#4about 4 minutes

Balancing developer and stakeholder security priorities

Developers often prioritize building secure code from the start, while stakeholders may focus on cost, but proactive security investment is increasingly seen as a business value.

#5about 4 minutes

How AI-assisted coding impacts web application security

While AI accelerates code production, it also increases the volume of potential vulnerabilities, making it crucial to integrate AI tools into a structured development lifecycle.

#6about 2 minutes

Why security is a shared responsibility for every role

Security is a collaborative effort that involves everyone from designers to developers, and it cannot be delegated to a single specialist or department.

#7about 3 minutes

Getting started with security tools and team communication

Developers can begin improving security by integrating static analysis tools like linters into their workflow and fostering open team communication about vulnerabilities.

#8about 2 minutes

Adopting a zero-trust mindset with input validation

The most impactful habit a developer can adopt is to rigorously validate all inputs by default, treating any incoming data as untrusted until proven otherwise.

Related jobs
Jobs that call for the skills explored in this talk.

Software Engineer

tree-IT GmbH
Bad Neustadt an der Saale, Germany

Intermediate
Senior

Matching moments

Hands-on security training for developers
14:17 MIN

Hands-on security training for developers

How GitHub secures open source

Avoiding common security mistakes and giving better feedback
55:17 MIN

Avoiding common security mistakes and giving better feedback

The weekly developer show: Boosting Python with CUDA, CSS Updates & Navigating New Tech Stacks

Key takeaways on IDE and developer tool security
27:19 MIN

Key takeaways on IDE and developer tool security

You click, you lose: a practical look at VSCode's security

A developer's responsibility to build secure software
28:05 MIN

A developer's responsibility to build secure software

You can’t hack what you can’t see

Managing security risks of AI-assisted code generation
08:03 MIN

Managing security risks of AI-assisted code generation

WWC24 - Chris Wysopal, Helmut Reisinger and Johannes Steger - Fighting Digital Threats in the Age of AI

Essential web security best practices beyond SPAs
33:09 MIN

Essential web security best practices beyond SPAs

A Primer in Single Page Application Security (Angular, React, Vue.js)

A seven-step guide to securing modern web apps
36:35 MIN

A seven-step guide to securing modern web apps

Full-stack role-based authorization in 45 minutes

Key takeaways and resources for continuous security learning
1:39:28 MIN

Key takeaways and resources for continuous security learning

Software Security 101: Secure Coding Basics

Featured Partners

Related Videos

See all videos
Security Blindspots and How to Learn About Them - Anna Oliveira26:28

Security Blindspots and How to Learn About Them - Anna Oliveira

Anna Oliveira

Security in modern Web Applications - OWASP to the rescue!26:59

Security in modern Web Applications - OWASP to the rescue!

Jakub Andrzejewski

Coffee with Developers - Cassidy Williams - 44:20

Coffee with Developers - Cassidy Williams -

Cassidy Williams

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together23:34

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Stefania Chaplin

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Real-World Security for Busy Developers29:50

Real-World Security for Busy Developers

Kevin Lewis

Securing Your Web Application Pipeline From Intruders44:30

Securing Your Web Application Pipeline From Intruders

Milecia McGregor

Climate vs. Weather: How Do We Sustainably Make Software More Secure?51:41

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Panel Discussion

Related Articles

View all articles
DC
Daniel Cranney
Security Basics for Vibe Coders
Vibe coding has become a popular trend in the tech world. With so many tools now available for both developers and non-developers, it’s easier than ever to build projects using natural language, in some cases without touching a line of code along the...
Security Basics for Vibe Coders
DC
Daniel Cranney
Dev Digest 194: AI vs. Version Control, Password Louvre & Cursed Webdev
Inside last week’s Dev Digest 194 . 🧠 Learn how to become an AI-native software engineer 🤷‍♂️ How can you stand out when anyone can build anything? 👂 Whisper Leak allows listening to encrypted chats 🐝 What’s new the OWASP2025 Top Ten List 🙅‍♀️ Curse...
Dev Digest 194: AI vs. Version Control, Password Louvre & Cursed Webdev
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
DC
Daniel Cranney
Dev Digest 167: Open Source AI, Passwordless Microsoft and Vibe Coding
Inside last week’s Dev Digest 167 . 🖼️ Is vibe coding killing creativity? 🌳 Is ChatGPT not as bad for the environment as we think? ⚠️ 95% of AppSec fixes don’t reduce risks 🔑 Microsoft going passwordless 🧠 How to detect memory leaks in your apps 🟨 V...
Dev Digest 167: Open Source AI, Passwordless Microsoft and Vibe Coding

From learning to earning

Jobs that call for the skills explored in this talk.

Web/App Developer

Web/App Developer

Giesen Coffee Roasters
Ulft, Netherlands

3K
JIRA
Scrum
Ionic
Node.js
+3