Leveling Up on Angular Security

  • Holiday Inn Gent Expo, Maaltekouter 3, 9051 Gent, Belgium

Trainers

  • Philippe De Ryck

Schedule

07:30 - 08:30

  • Continental breakfast buffet with the trainers

08:30 - 10:30

  • Introduction to Cross-Site Scripting (XSS)

  • XSS defenses in Angular

  • XSS pitfalls in Angular

10:30 - 11:00

  • Break with coffees, teas, juices, energizers and snacks

11:00 - 12:30

  • Offensive and defensive hands-on labs

  • Using Trusted Types with Angular

12:30 - 14:00

  • Lunch with fresh soup, salads, selections of cold and warm fish and meat dishes, dessert

14:00 - 15:30

  • Introduction to Content Security Policy (CSP)

  • Common security mistakes in CSP policies

  • Deploying CSP for Angular

  • Offensive and defensive hands-on labs

15:30 - 16:00

  • Break with coffees, teas, juices, energizers and snacks

16:00 - 17:30

  • Practicalities about CSP

  • Offensive and defensive hands-on labs

  • XSS and server-side rendering

  • Q & A

Takeaways

- Understand the limitations of Angular's built-in defenses
- Build up secure coding guidelines to avoid introducing vulnerabilities in your Angular applications
- Rely on code hygiene techniques to improve the results of code scanning tools
- Configure and deploy Content Security Policy for Angular applications
- Leverage Trusted Types to plug vulnerabilities in your application and its dependencies

Learn more about Philippe at https://pragmaticwebsecurity.com/.