Jackie

What The Hack is Web App Sec?

Is AI-assisted 'vibe coding' making your applications more vulnerable to decades-old attacks? It's time to build a culture of shared responsibility for security.

What The Hack is Web App Sec?
#1about 1 minute

Making web application security accessible to developers

Web application security is a critical but often overlooked topic that can be made more engaging for developers through relatable storytelling.

#2about 2 minutes

A developer's path from operations to security

A background in operations provides a natural entry point into security, highlighting that it's an encompassing field involving people and processes, not just technology.

#3about 3 minutes

Comparing the challenges of security and accessibility

Security and accessibility share common challenges as they are both complex, often addressed late in the development process, and require a holistic approach.

#4about 4 minutes

Balancing developer and stakeholder security priorities

Developers often prioritize building secure code from the start, while stakeholders may focus on cost, but proactive security investment is increasingly seen as a business value.

#5about 4 minutes

How AI-assisted coding impacts web application security

While AI accelerates code production, it also increases the volume of potential vulnerabilities, making it crucial to integrate AI tools into a structured development lifecycle.

#6about 2 minutes

Why security is a shared responsibility for every role

Security is a collaborative effort that involves everyone from designers to developers, and it cannot be delegated to a single specialist or department.

#7about 3 minutes

Getting started with security tools and team communication

Developers can begin improving security by integrating static analysis tools like linters into their workflow and fostering open team communication about vulnerabilities.

#8about 2 minutes

Adopting a zero-trust mindset with input validation

The most impactful habit a developer can adopt is to rigorously validate all inputs by default, treating any incoming data as untrusted until proven otherwise.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Hands-on security training for developers
04:38 MIN

Hands-on security training for developers

How GitHub secures open source

Key strategies for building a secure code culture
02:23 MIN

Key strategies for building a secure code culture

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Bridging the communication gap between developers and security
01:58 MIN

Bridging the communication gap between developers and security

How to Defend Against Data Manipulation Attacks - Bozidar Spirovski & Wekoslav Stefanovski

Fostering a developer-first security culture
01:17 MIN

Fostering a developer-first security culture

Walking into the era of Supply Chain Risks

Introduction to developer-first security and CTFs
04:09 MIN

Introduction to developer-first security and CTFs

Capture the Flag 101

Scaling AppSec teams by empowering developers
03:15 MIN

Scaling AppSec teams by empowering developers

Why Security-First Development Helps You Ship Better Software Faster

Addressing the security education gap for developers
03:34 MIN

Addressing the security education gap for developers

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Why developers make basic cybersecurity mistakes
02:26 MIN

Why developers make basic cybersecurity mistakes

Don't Be A Naive Developer: How To Avoid Basic Cybersecurity Mistakes

Featured Partners

Related Videos

See all videos
Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools35:37

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools

Liran Tal

Security Blindspots and How to Learn About Them - Anna Oliveira26:28

Security Blindspots and How to Learn About Them - Anna Oliveira

Anna Oliveira

Security in modern Web Applications - OWASP to the rescue!26:59

Security in modern Web Applications - OWASP to the rescue!

Jakub Andrzejewski

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together23:34

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Stefania Chaplin

How to Defend Against Data Manipulation Attacks - Bozidar Spirovski & Wekoslav Stefanovski38:44

How to Defend Against Data Manipulation Attacks - Bozidar Spirovski & Wekoslav Stefanovski

Bozidar Spirovski & Wekoslav Stefanovski

Real-World Security for Busy Developers29:50

Real-World Security for Busy Developers

Kevin Lewis

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Typed Security: Preventing Vulnerabilities By Design58:19

Typed Security: Preventing Vulnerabilities By Design

Michael Koppmann

Related Articles

View all articles
DC
Daniel Cranney
Dev Digest 211: Securing Agents, Top AI Apps and Lost Readers…
Inside last week’s Dev Digest 211 . 🏗️ Can the infrastructure keep up with AI growth? 📱 Top 100 GenAI consumer apps 🪱 Wikipedia hit by worm and AI slop 🔍 The results of Codex Security scanning 1.2M commits 🧹 Bye bye innerHTML, welcome setHTML() 🔄 Cl...
Dev Digest 211: Securing Agents, Top AI Apps and Lost Readers…
DC
Daniel Cranney
Security Basics for Vibe Coders
Vibe coding has become a popular trend in the tech world. With so many tools now available for both developers and non-developers, it’s easier than ever to build projects using natural language, in some cases without touching a line of code along the...
Security Basics for Vibe Coders

From learning to earning

Jobs that call for the skills explored in this talk.