Jackie

What The Hack is Web App Sec?

Is AI-assisted 'vibe coding' making your applications more vulnerable to decades-old attacks? It's time to build a culture of shared responsibility for security.

What The Hack is Web App Sec?
#1about 1 minute

Making web application security accessible to developers

Web application security is a critical but often overlooked topic that can be made more engaging for developers through relatable storytelling.

#2about 2 minutes

A developer's path from operations to security

A background in operations provides a natural entry point into security, highlighting that it's an encompassing field involving people and processes, not just technology.

#3about 3 minutes

Comparing the challenges of security and accessibility

Security and accessibility share common challenges as they are both complex, often addressed late in the development process, and require a holistic approach.

#4about 4 minutes

Balancing developer and stakeholder security priorities

Developers often prioritize building secure code from the start, while stakeholders may focus on cost, but proactive security investment is increasingly seen as a business value.

#5about 4 minutes

How AI-assisted coding impacts web application security

While AI accelerates code production, it also increases the volume of potential vulnerabilities, making it crucial to integrate AI tools into a structured development lifecycle.

#6about 2 minutes

Why security is a shared responsibility for every role

Security is a collaborative effort that involves everyone from designers to developers, and it cannot be delegated to a single specialist or department.

#7about 3 minutes

Getting started with security tools and team communication

Developers can begin improving security by integrating static analysis tools like linters into their workflow and fostering open team communication about vulnerabilities.

#8about 2 minutes

Adopting a zero-trust mindset with input validation

The most impactful habit a developer can adopt is to rigorously validate all inputs by default, treating any incoming data as untrusted until proven otherwise.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Hands-on security training for developers
04:38 MIN

Hands-on security training for developers

How GitHub secures open source

Key strategies for building a secure code culture
02:23 MIN

Key strategies for building a secure code culture

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Fostering a developer-first security culture
01:17 MIN

Fostering a developer-first security culture

Walking into the era of Supply Chain Risks

Introduction to developer-first security and CTFs
04:09 MIN

Introduction to developer-first security and CTFs

Capture the Flag 101

Scaling AppSec teams by empowering developers
03:15 MIN

Scaling AppSec teams by empowering developers

Why Security-First Development Helps You Ship Better Software Faster

Addressing the security education gap for developers
03:34 MIN

Addressing the security education gap for developers

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Why developers make basic cybersecurity mistakes
02:26 MIN

Why developers make basic cybersecurity mistakes

Don't Be A Naive Developer: How To Avoid Basic Cybersecurity Mistakes

How AI tools make both developers and attackers more efficient
02:27 MIN

How AI tools make both developers and attackers more efficient

Let’s write an exploit using AI

Featured Partners

Related Videos

See all videos
Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools35:37

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools

Liran Tal

Security Blindspots and How to Learn About Them - Anna Oliveira26:28

Security Blindspots and How to Learn About Them - Anna Oliveira

Anna Oliveira

Security in modern Web Applications - OWASP to the rescue!26:59

Security in modern Web Applications - OWASP to the rescue!

Jakub Andrzejewski

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together23:34

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Stefania Chaplin

Real-World Security for Busy Developers29:50

Real-World Security for Busy Developers

Kevin Lewis

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Typed Security: Preventing Vulnerabilities By Design58:19

Typed Security: Preventing Vulnerabilities By Design

Michael Koppmann

Securing Your Web Application Pipeline From Intruders44:30

Securing Your Web Application Pipeline From Intruders

Milecia McGregor

Related Articles

View all articles
DC
Daniel Cranney
Security Basics for Vibe Coders
Vibe coding has become a popular trend in the tech world. With so many tools now available for both developers and non-developers, it’s easier than ever to build projects using natural language, in some cases without touching a line of code along the...
Security Basics for Vibe Coders
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.