Angular Security with Dr De Ryck

Name: I like the inclusion of hands-on coding exercises where we can verify our understanding of the presented concepts and techniques. I also appreciate the fact that we were granted access to the repo and resources used for the presentation.
Item: Professional Angular Testing: Playwright Edition
Rating: 5
Author: An attendee

Workshop for Building Secure Angular Solutions

Protect your business-critial Angular applications!

Duration

2 days

Next event

Autumn 2023

Level

Basic Angular Knowledge

Location

Remote

Language

English

Price from

0€

Request in-house event Book your ticket

Dr. Philippe De Ryck, GDE

has a Ph.D. in web security, is founder of Pragmatic Web Security, Google Developer Expert and Auth0 Ambassador. Philippe has been speaking about Angular security since AngularJS 1.x, and is widely recognized as an Angular security expert.

Proven Interactive Workshop with Labs and Discussions

Angular applications disrupt the traditional web security landscape, and finding reliable security advice is hard. This workshop provides Angular developers with the answers to all their security questions.

With a mix of lectures, demos, quizzes, and hands-on labs, participants discover best practices for building secure Angular applications. We investigate how to use and configure security mechanisms available in modern browsers. We explore how Angular handles security out-of-the-box, along with common mistakes that circumvent these protections. Additionally, we discuss scenarios that address common questions, including secure data storage in the browser and the use of OAuth 2.0/2.1 and OpenID Connect.

This workshop offers practical and immediately applicable security advice for Angular developers. Throughout the workshop, Philippe is available to answer any questions, including concrete scenarios applying to your own applications.

Selected Topics (full list below)

✅ Dealing with Malicious JavaScript and XSS

✅ Common security mistakes in CSP policies

✅ Advanced HTML5 sandboxing techniques

✅ Configuring browser security headers

✅ Security recommendations for using OAuth 2.0/2.1 in Angular

✅ Advanced OAuth 2.0/2.1 and OpenID Connect Security

Selected Feedback from Previous Participants

💬 In-depth knowledge presented and interesting conversations. All questions were answered.

💬 The clear presentation of difficult topics. The Q&A. And also the practice exercises. It all helps a lot to let things sink in.

💬 The workshop was really pragmatic as promised!

💬 I liked the expertise of the presenter. Also: Presentation style, labs, quizzes, etc.

💬 Highly recommendable!

Introduction

Origins, sites, and domains
UI redressing attacks
Browser-based data leakage
Architectural security patterns

Dealing with Malicious JavaScript

Introduction to Cross-Site Scripting (XSS)
XSS defenses in Angular
XSS pitfalls in Angular
XSS and server-side rendering
Using Trusted Types with Angular

Deploying Content Security Policy

Introduction to Content Security Policy (CSP)
Common security mistakes in CSP policies
Deploying CSP for Angular
Practicalities about CSP

Secure Frontend Architecture

Sandboxing untrusted content
Architectural security patterns
Securing tokens in the browser

Advanced OAuth 2.0/2.1 security

Common OAuth 2.x and OIDC deployment patterns
Security limitations of OAuth 2.x in frontends
Securing frontends with a Backend-For-Frontend
Security recommendations for using OAuth 2.x in Angular

Upcoming events

Individual in-house company workshops

All of our seminars are always available remotely or in-house. Contact us to make an appointment

Inquire now

No upcoming events found

Reviews

I like the inclusion of hands-on coding exercises where we can verify our understanding of the presented concepts and techniques. I also appreciate...

I like the inclusion of hands-on coding exercises where we can verify our understanding of the presented concepts and techniques. I also appreciate the fact that we were granted access to the repo and resources used for the presentation.

Professional Angular Testing: Playwright Edition

Every session brought important insights. A lot of useful information about best practices and about the best tooling and libraries to use, including...

Every session brought important insights. A lot of useful information about best practices and about the best tooling and libraries to use, including the latest advancements like component testing in Cypress. I thought the structure going from e2e to unit to integration tests worked surprisingly well.

Professional Angular Testing: Cypress Edition

I liked that the workshop support was on a high level, it had a lot of information and it had exercises that covered...

I liked that the workshop support was on a high level, it had a lot of information and it had exercises that covered pretty well the theoretical part.The presenter was fluent, well prepared, so the course was captivating.

Micro Frontends with Angular

I had never used Storybook and only fiddled around with Figma and Cypress on my own before. As a novice on the design...

I had never used Storybook and only fiddled around with Figma and Cypress on my own before. As a novice on the design field this course described the roles and purposes of these three tools well. I now have better knowledge to pitch the idea of implementing the most suitable parts to our development cycle.

Scalable Design Systems with Storybook and Angular

Manfred is very approachable, patient, respectful, and easy to understand, even when attendees ask repetitive questions - this is impressive. Explanation of the...

Manfred is very approachable, patient, respectful, and easy to understand, even when attendees ask repetitive questions - this is impressive. Explanation of the labs was very good. Explanations focused on the mental model behind the code, which is most important to registering conceptual relationships in the framework/ddd.

Advanced Angular – Architecture Workshop

Most of the topics that were covered in this workshop will help us for future decisions for our app architecture. Even if the...

Most of the topics that were covered in this workshop will help us for future decisions for our app architecture. Even if the team would decide to not use what was shown in the workshop, it's still very useful to get an overview of how an app architecture could be, so that we can find the best solution for our problems. I really liked that we had some time on the last day to go into specific problems of our app and to hear about what could be changed and what we could work on

Advanced Angular – Architecture Workshop

Kinda everything .. Philipp is a very good trainer.

Angular Security with Dr De Ryck

Being new to Angular and with very little experience using NX this gave me a great introduction to many of the concepts and...

Being new to Angular and with very little experience using NX this gave me a great introduction to many of the concepts and pointers on best practices for structuring the code base. I will feel more confident working on our company code base now.
I also appreciated the concrete examples of how to implement DDD in folder and files structures.

Angular Migration Workshop

Individual In-House Company Workshops

All of our workshops are also available remotely or in-house at any time.
Contact us for an appointment

Inquire now

FAQs on our workshops

How do your workshops and courses work?

Our seminars around Angular are a mixture of lecture, live coding and actual exercises. Together we implement what we have learned during the workshop directly on a example project. This mixture guarantees that the course never gets boring and “hands-on” is required instead of gray theory.

Who is the Angular hands-on training designed for?

Our Angular hands-on workshop is aimed at anyone who wants to develop applications with Angular in the future or is already doing so and now wants to better understand the background, context and building blocks of the framework.

Participants should have basic knowledge of web development (basic knowledge of HTML and JavaScript).

For advanced Angular developers we offer advanced seminars and intensive trainings on specific use cases.

Where do the Angular workshops take place?

Our trainings take place as public workshops in seminar rooms at central hotels in Germany, Austria and Switzerland. In-House company workshops take place at your office or conference room.

All courses are also available as remote workshops, where we meet online in a virtual classroom and do the training via video calls, screen sharing and live coding.

Who are the trainers?

Our workshops are held by experienced trainers and software architects. In recent years, we have provided Angular training to well-known companies – including well-known banks, insurance companies, industrial groups. Trainers include well-known conference speakers, authors of books and professional articles, bloggers, Google Developer Experts and university lecturers.

At what times are the training sessions held?

Especially for dedicated company trainings, we are happy to accommodate you. Typical times are 9:00AM to 4:30PM / 5:00PM. Some of our English-language workshops are timed so that you can also attend at US friendly times.

Can we also book online training courses?

Absolutely. In fact, since the pandemic, this has been our main business model and we have had very good experience with it. We use a combination of screen sharing, interactive online whiteboards, and are happy to connect to your computer for support during the exercises if you wish. As with our on-site training, we use a combination of short presentations, discussions, live coding and hands-on labs.

Since there is no travel involved, you also save time and money. We can also respond more flexibly to your scheduling needs.

Can we adapt the training for our purposes?

Yes, very much so. In fact, that’s one of the benefits of dedicated corporate training. You are welcome to weight, shorten or add to our agenda proposals. As a rule, we also coordinate with your trainer about 2 weeks before the training. If you wish, we can also arrange it earlier.

Why Angular?

Among other things, Angular’s wide distribution speaks for itself, but also the fact that Google, an Internet giant that also uses the framework very intensively, is behind it. Google alone has over 2600 solutions based on it. Due to the wide distribution, there is a large community and thus a lot of know-how on the market as well as (free and commercial) products that are adapted to Angular. In addition, Angular provides much of what you need for large applications out of the box: test automation, form management, routing, etc. In this respect, you get a stack whose components are coordinated and work together in the long term.

How do you compensate for different prior knowledge?

The good news up front is that participants with different levels of prior knowledge are the rule, not the exception, in adult education. That’s why you’ll find optional fade-in hints and bonus exercises on our exercise sheets, for those who are a little faster. Of course, we also provide personal support for the exercises.

How many participants are recommended?

If you book a company training with us, we leave this decision to you in principle. However, experience shows that there should not be more than 15 participants, especially since a seminar lives very much from questions, discussions and practical exercises.

What software do we need?

Please install the following software packages on your computer:

– NodeJS in current version (we test with current LTS version).
– Angular CLI (npm i -g @angular/cli)
– Git
– Visual Studio (free) or WebStorm/IntelliJ (commercial)

Angular Security with Dr De Ryck

Dr. Philippe De Ryck, GDE

Proven Interactive Workshop­ with Labs and Discussions

Selected Topics (full list below)

Selected Feedback from Previous Participants

Upcoming events

Reviews

Individual In-House Company Workshops

FAQs on our workshops

Newsletter

Selected happy customers

Proven Interactive Workshop with Labs and Discussions