JavaScript Jabber

JavaScript Jabber is a weekly discussion about JavaScript, front-end development, community, careers, and frameworks.

JSJ 251 InfoSec for Web Developers with Kim Carter

On today's episode, Charles Max Wood and Aimee Knight discuss InfoSec for Web Developers with Kim Carter. Kim is a senior software engineer/architect, an information security professional, and the founder of binarymist.io. He is currently working on his book, Holistic InfoSec for Web Developers. Tune in to learn more about the book.

Front-end Security

Most security concerns are dealt with at the back end. However, front-end developers may also need to worry about getting hacked, depending on the app they are building.

There are things you can do in the front end, such as usability, which enable a good user experience. As the app is built, such security issues need to be addressed at the front end before the back end is notified about them.

Browser Exploits

There are tools that help assess an app's front-end security. One is the Browser Exploitation Framework (BeEF). It focuses on the browser to look for malicious threats.

To implement BeEF, you visit other places online to kick off some exploits. Afterwards, you break into a network through the browser to test its security.

Dealing with Malicious Attacks

A virus can do anything it wants once it is activated, but can be dealt with using reliable programs. One example is the exploitation of Windows via PowerShell, which Windows explicitly trusts. Once a virus affects something, it bypasses the virus and beats the attack.

To hear about InfoSec for Web Developers with Kim Carter, download and listen to the entire episode.

If you’re short on time, here are the highlights of InfoSec for Web Developers with Kim Carter:

Security threat to front-end developers? (1:49)
Social engineering? (8:37)
Things to look out for at the front-end? (14:42)
What is OWASP all about? (18:13)
Tools in using evaluation? (28:56)
Vulnerabilities in captions? (30:30)
Training teams in building a new feature? (33:53)

Picks:

Aimee: Computer Science Video Courses (GitHub) and Tiny Buddha

Charles: Autonomous Desks

Kim: Summer 25-30 degree days, Vibiemme Domobar Super Lever with Mazzer Mini, Coffee Machine in Gordon, and Christchurch Hacker Conference