Jackie

What The Hack is Web App Sec?

Is AI-assisted 'vibe coding' making your applications more vulnerable to decades-old attacks? It's time to build a culture of shared responsibility for security.

What The Hack is Web App Sec?
#1about 1 minute

Making web application security accessible to developers

Web application security is a critical but often overlooked topic that can be made more engaging for developers through relatable storytelling.

#2about 2 minutes

A developer's path from operations to security

A background in operations provides a natural entry point into security, highlighting that it's an encompassing field involving people and processes, not just technology.

#3about 3 minutes

Comparing the challenges of security and accessibility

Security and accessibility share common challenges as they are both complex, often addressed late in the development process, and require a holistic approach.

#4about 4 minutes

Balancing developer and stakeholder security priorities

Developers often prioritize building secure code from the start, while stakeholders may focus on cost, but proactive security investment is increasingly seen as a business value.

#5about 4 minutes

How AI-assisted coding impacts web application security

While AI accelerates code production, it also increases the volume of potential vulnerabilities, making it crucial to integrate AI tools into a structured development lifecycle.

#6about 2 minutes

Why security is a shared responsibility for every role

Security is a collaborative effort that involves everyone from designers to developers, and it cannot be delegated to a single specialist or department.

#7about 3 minutes

Getting started with security tools and team communication

Developers can begin improving security by integrating static analysis tools like linters into their workflow and fostering open team communication about vulnerabilities.

#8about 2 minutes

Adopting a zero-trust mindset with input validation

The most impactful habit a developer can adopt is to rigorously validate all inputs by default, treating any incoming data as untrusted until proven otherwise.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Hands-on security training for developers
04:38 MIN

Hands-on security training for developers

How GitHub secures open source

Key strategies for building a secure code culture
02:23 MIN

Key strategies for building a secure code culture

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Fostering a developer-first security culture
01:17 MIN

Fostering a developer-first security culture

Walking into the era of Supply Chain Risks

How AI tools make both developers and attackers more efficient
02:27 MIN

How AI tools make both developers and attackers more efficient

Let’s write an exploit using AI

Scaling AppSec teams by empowering developers
03:15 MIN

Scaling AppSec teams by empowering developers

Why Security-First Development Helps You Ship Better Software Faster

Addressing the security education gap for developers
03:34 MIN

Addressing the security education gap for developers

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Introduction to developer-first security and CTFs
04:09 MIN

Introduction to developer-first security and CTFs

Capture the Flag 101

Accelerating development with AI and security tools
03:26 MIN

Accelerating development with AI and security tools

30 powerful AWS hacks in just 30 minutes: Boost your developer productivity

Featured Partners

Related Videos

See all videos
Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools
35:37

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools

Liran Tal

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together
23:34

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Stefania Chaplin

Security in modern Web Applications - OWASP to the rescue!
26:59

Security in modern Web Applications - OWASP to the rescue!

Jakub Andrzejewski

Plants vs. Thieves: Automated Tests in the World of Web Security
24:09

Plants vs. Thieves: Automated Tests in the World of Web Security

Ramona Schwering

DevSecOps: Security in DevOps
33:20

DevSecOps: Security in DevOps

Aarno Aukia

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?
27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Climate vs. Weather: How Do We Sustainably Make Software More Secure?
51:41

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Panel Discussion

Real-World Security for Busy Developers
29:50

Real-World Security for Busy Developers

Kevin Lewis

Related Articles

View all articles
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
Chris Heilmann
Dev Digest 116 - WWWAI?
This time, learn how to un-AI Google's search results, what's new on the web, avoid a new security hole and go back to BASICS with us. News and ArticlesWhat a week. Google, Microsoft, OpenAI and many others had their big flagship events announcing th...
Dev Digest 116 - WWWAI?
Chris Heilmann
Dev Digest 112 - The True Crime of AI Development
In last Friday's Dev Digest, we had some great AI news, some worrying security threats and a swipe-aware game in CSS with explanations! News and ArticlesLet's kick off with some AI news. Netflix caused a stir with AI-generated images in a true crime ...
Dev Digest 112 - The True Crime of AI Development

From learning to earning

Jobs that call for the skills explored in this talk.

Frontend Developer

Frontend Developer

JO Media Software Solutions GmBh
Brunn am Gebirge, Austria

Senior
CSS
Angular
JavaScript
TypeScript