�ݺ�ߣshows by User: PhilippeDeRyck

�ݺ�ߣshows by User: PhilippeDeRyck / http://www.slideshare.net/images/logo.gif �ݺ�ߣshows by User: PhilippeDeRyck / Wed, 26 Oct 2016 06:38:10 GMT �ݺ�ߣShare feed for �ݺ�ߣshows by User: PhilippeDeRyck Are you botching the security of your AngularJS applications? (DevFest 2016) /slideshow/are-you-botching-the-security-of-your-angularjs-applications-devfest-2016/67659940 deryckangularsecurity-161026063810
If you make a list of popular JavaScript MVC frameworks, AngularJS is probably at the top of the list. Developers around the world are crazy about the Angular way of doing things, and love how easy it is to write AngularJS applications. However, few people know that AngularJS packs a lot security features, right out of the box. Unfortunately, because many developers are not aware of these security features, they are often unintentionally circumvented, or not used to their full potential. For example, think about common advice on Stack Overflow to turn off the protection against cross-site scripting (XSS) attacks, just so you can directly bind HTML data to a variable. In this session, you will learn how to leverage AngularJS' security features to their full potential. Specifically, you will learn how AngularJS applies Strict Contextual Escaping (SCE) against XSS attacks, and how to relax that protection in a safe way (instead of turning it off). We also cover the advanced Content Security Policy (CSP). We mainly focus on AngularJS 1.x, but also relate the concepts to AngularJS 2 where relevant.]]>
If you make a list of popular JavaScript MVC frameworks, AngularJS is probably at the top of the list. Developers around the world are crazy about the Angular way of doing things, and love how easy it is to write AngularJS applications. However, few people know that AngularJS packs a lot security features, right out of the box. Unfortunately, because many developers are not aware of these security features, they are often unintentionally circumvented, or not used to their full potential. For example, think about common advice on Stack Overflow to turn off the protection against cross-site scripting (XSS) attacks, just so you can directly bind HTML data to a variable. In this session, you will learn how to leverage AngularJS' security features to their full potential. Specifically, you will learn how AngularJS applies Strict Contextual Escaping (SCE) against XSS attacks, and how to relax that protection in a safe way (instead of turning it off). We also cover the advanced Content Security Policy (CSP). We mainly focus on AngularJS 1.x, but also relate the concepts to AngularJS 2 where relevant.]]> Wed, 26 Oct 2016 06:38:10 GMT /slideshow/are-you-botching-the-security-of-your-angularjs-applications-devfest-2016/67659940 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) Are you botching the security of your AngularJS applications? (DevFest 2016) PhilippeDeRyck If you make a list of popular JavaScript MVC frameworks, AngularJS is probably at the top of the list. Developers around the world are crazy about the Angular way of doing things, and love how easy it is to write AngularJS applications. However, few people know that AngularJS packs a lot security features, right out of the box. Unfortunately, because many developers are not aware of these security features, they are often unintentionally circumvented, or not used to their full potential. For example, think about common advice on Stack Overflow to turn off the protection against cross-site scripting (XSS) attacks, just so you can directly bind HTML data to a variable. In this session, you will learn how to leverage AngularJS' security features to their full potential. Specifically, you will learn how AngularJS applies Strict Contextual Escaping (SCE) against XSS attacks, and how to relax that protection in a safe way (instead of turning it off). We also cover the advanced Content Security Policy (CSP). We mainly focus on AngularJS 1.x, but also relate the concepts to AngularJS 2 where relevant. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckangularsecurity-161026063810-thumbnail.jpg?width=120&height=120&fit=bounds" /> If you make a list of popular JavaScript MVC frameworks, AngularJS is probably at the top of the list. Developers around the world are crazy about the Angular way of doing things, and love how easy it is to write AngularJS applications. However, few people know that AngularJS packs a lot security features, right out of the box. Unfortunately, because many developers are not aware of these security features, they are often unintentionally circumvented, or not used to their full potential. For example, think about common advice on Stack Overflow to turn off the protection against cross-site scripting (XSS) attacks, just so you can directly bind HTML data to a variable. In this session, you will learn how to leverage AngularJS' security features to their full potential. Specifically, you will learn how AngularJS applies Strict Contextual Escaping (SCE) against XSS attacks, and how to relax that protection in a safe way (instead of turning it off). We also cover the advanced Content Security Policy (CSP). We mainly focus on AngularJS 1.x, but also relate the concepts to AngularJS 2 where relevant.

Are you botching the security of your AngularJS applications? (DevFest 2016) from Philippe De Ryck

]]> 369 2 https://cdn.slidesharecdn.com/ss_thumbnails/deryckangularsecurity-161026063810-thumbnail.jpg?width=120&height=120&fit=bounds presentation 000000 http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Why Traditional Web Security Technologies no Longer Suffice to Keep You Safe /slideshow/why-traditional-web-security-technologies-no-longer-suffice-to-keep-you-safe/64908931 deryckwebsecurityoverviewsmall-160811140819
The slides from an overview presentation of how the Web, and Web security, have changed in the last few years. This talk has been given at various public and private venues. Get in touch if you want to invite me to your company or tech group!]]>
The slides from an overview presentation of how the Web, and Web security, have changed in the last few years. This talk has been given at various public and private venues. Get in touch if you want to invite me to your company or tech group!]]> Thu, 11 Aug 2016 14:08:18 GMT /slideshow/why-traditional-web-security-technologies-no-longer-suffice-to-keep-you-safe/64908931 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) Why Traditional Web Security Technologies no Longer Suffice to Keep You Safe PhilippeDeRyck The slides from an overview presentation of how the Web, and Web security, have changed in the last few years. This talk has been given at various public and private venues. Get in touch if you want to invite me to your company or tech group! <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckwebsecurityoverviewsmall-160811140819-thumbnail.jpg?width=120&height=120&fit=bounds" /> The slides from an overview presentation of how the Web, and Web security, have changed in the last few years. This talk has been given at various public and private venues. Get in touch if you want to invite me to your company or tech group!

Why Traditional Web Security Technologies no Longer Suffice to Keep You Safe from Philippe De Ryck

]]> 358 4 https://cdn.slidesharecdn.com/ss_thumbnails/deryckwebsecurityoverviewsmall-160811140819-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Securing your EmberJS Application /slideshow/securing-your-emberjs-application/59686414 deryckemberjsmeetup-160317162354
A talk at the EmberJS Meetup, on building secure single page applications with the EmberJS framework]]>
A talk at the EmberJS Meetup, on building secure single page applications with the EmberJS framework]]> Thu, 17 Mar 2016 16:23:53 GMT /slideshow/securing-your-emberjs-application/59686414 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) Securing your EmberJS Application PhilippeDeRyck A talk at the EmberJS Meetup, on building secure single page applications with the EmberJS framework <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckemberjsmeetup-160317162354-thumbnail.jpg?width=120&height=120&fit=bounds" /> A talk at the EmberJS Meetup, on building secure single page applications with the EmberJS framework

Securing your EmberJS Application from Philippe De Ryck

]]> 2289 7 https://cdn.slidesharecdn.com/ss_thumbnails/deryckemberjsmeetup-160317162354-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Securing your AngularJS Application /slideshow/securing-your-angularjs-application/59686360 deryckangularjsmeetup-160317162229
A talk at the AngularJS Meetup, on building secure single page applications with the AngularJS framework]]>
A talk at the AngularJS Meetup, on building secure single page applications with the AngularJS framework]]> Thu, 17 Mar 2016 16:22:29 GMT /slideshow/securing-your-angularjs-application/59686360 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) Securing your AngularJS Application PhilippeDeRyck A talk at the AngularJS Meetup, on building secure single page applications with the AngularJS framework <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckangularjsmeetup-160317162229-thumbnail.jpg?width=120&height=120&fit=bounds" /> A talk at the AngularJS Meetup, on building secure single page applications with the AngularJS framework

Securing your AngularJS Application from Philippe De Ryck

]]> 2701 8 https://cdn.slidesharecdn.com/ss_thumbnails/deryckangularjsmeetup-160317162229-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Getting Single Page Application Security Right /slideshow/getting-single-page-application-security-right/59685961 deryckdevoxx-160317161344
In my university session at Devoxx 2015 (Belgium), I talked about Single Page Application Security]]>
In my university session at Devoxx 2015 (Belgium), I talked about Single Page Application Security]]> Thu, 17 Mar 2016 16:13:44 GMT /slideshow/getting-single-page-application-security-right/59685961 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) Getting Single Page Application Security Right PhilippeDeRyck In my university session at Devoxx 2015 (Belgium), I talked about Single Page Application Security <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckdevoxx-160317161344-thumbnail.jpg?width=120&height=120&fit=bounds" /> In my university session at Devoxx 2015 (Belgium), I talked about Single Page Application Security

Getting Single Page Application Security Right from Philippe De Ryck

]]> 2498 8 https://cdn.slidesharecdn.com/ss_thumbnails/deryckdevoxx-160317161344-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Subresource Integrity /slideshow/subresource-integrity/59685815 deryckemberjsmeetupsri-160317161034
A short talk about Subresource Integrity (SRI) at an EmberJS Meetup]]>
A short talk about Subresource Integrity (SRI) at an EmberJS Meetup]]> Thu, 17 Mar 2016 16:10:34 GMT /slideshow/subresource-integrity/59685815 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) Subresource Integrity PhilippeDeRyck A short talk about Subresource Integrity (SRI) at an EmberJS Meetup <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckemberjsmeetupsri-160317161034-thumbnail.jpg?width=120&height=120&fit=bounds" /> A short talk about Subresource Integrity (SRI) at an EmberJS Meetup

Subresource Integrity from Philippe De Ryck

]]> 615 8 https://cdn.slidesharecdn.com/ss_thumbnails/deryckemberjsmeetupsri-160317161034-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Why Web Security Matters! /slideshow/why-web-security-matters/59685784 deryckinfodagprovinciewhywebsecmatters-160317160954
A talk about the importance of Web security, tailored towards IT people of local municipalities. This was an invited talk at the information day on online security for the municipalities of Flemish Brabant (Belgium).]]>
A talk about the importance of Web security, tailored towards IT people of local municipalities. This was an invited talk at the information day on online security for the municipalities of Flemish Brabant (Belgium).]]> Thu, 17 Mar 2016 16:09:54 GMT /slideshow/why-web-security-matters/59685784 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) Why Web Security Matters! PhilippeDeRyck A talk about the importance of Web security, tailored towards IT people of local municipalities. This was an invited talk at the information day on online security for the municipalities of Flemish Brabant (Belgium). <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckinfodagprovinciewhywebsecmatters-160317160954-thumbnail.jpg?width=120&height=120&fit=bounds" /> A talk about the importance of Web security, tailored towards IT people of local municipalities. This was an invited talk at the information day on online security for the municipalities of Flemish Brabant (Belgium).

Why Web Security Matters! from Philippe De Ryck

]]> 378 7 https://cdn.slidesharecdn.com/ss_thumbnails/deryckinfodagprovinciewhywebsecmatters-160317160954-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 HTTPS, Here and Now /slideshow/https-here-and-now/59579445 deryckhttps-160315123341
The tools at our disposal today for deploying HTTPS are tremendously powerful, and easy to use. Initiatives like Let's Encrypt offer certificates, and new security policies like HSTS and HPKP allow you to protect against extremely powerful attacks. HTTPS, Here and Now! This was an invited talk at the ICT Security Happening, organized by the VDAB Competence Center in Leuven.]]>
The tools at our disposal today for deploying HTTPS are tremendously powerful, and easy to use. Initiatives like Let's Encrypt offer certificates, and new security policies like HSTS and HPKP allow you to protect against extremely powerful attacks. HTTPS, Here and Now! This was an invited talk at the ICT Security Happening, organized by the VDAB Competence Center in Leuven.]]> Tue, 15 Mar 2016 12:33:41 GMT /slideshow/https-here-and-now/59579445 PhilippeDeRyck@slideshare.net(PhilippeDeRyck) HTTPS, Here and Now PhilippeDeRyck The tools at our disposal today for deploying HTTPS are tremendously powerful, and easy to use. Initiatives like Let's Encrypt offer certificates, and new security policies like HSTS and HPKP allow you to protect against extremely powerful attacks. HTTPS, Here and Now! This was an invited talk at the ICT Security Happening, organized by the VDAB Competence Center in Leuven. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/deryckhttps-160315123341-thumbnail.jpg?width=120&height=120&fit=bounds" /> The tools at our disposal today for deploying HTTPS are tremendously powerful, and easy to use. Initiatives like Let's Encrypt offer certificates, and new security policies like HSTS and HPKP allow you to protect against extremely powerful attacks. HTTPS, Here and Now! This was an invited talk at the ICT Security Happening, organized by the VDAB Competence Center in Leuven.

HTTPS, Here and Now from Philippe De Ryck

]]> 1708 7 https://cdn.slidesharecdn.com/ss_thumbnails/deryckhttps-160315123341-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 https://public.slidesharecdn.com/v2/images/profile-picture.png https://cdn.slidesharecdn.com/ss_thumbnails/deryckangularsecurity-161026063810-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/are-you-botching-the-security-of-your-angularjs-applications-devfest-2016/67659940 Are you botching the s... https://cdn.slidesharecdn.com/ss_thumbnails/deryckwebsecurityoverviewsmall-160811140819-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/why-traditional-web-security-technologies-no-longer-suffice-to-keep-you-safe/64908931 Why Traditional Web Se... https://cdn.slidesharecdn.com/ss_thumbnails/deryckemberjsmeetup-160317162354-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/securing-your-emberjs-application/59686414 Securing your EmberJS ...