Angular Security with Dr De Ryck

Workshop for Building Secure Angular Solutions
Protect your business-critial Angular applications!
Duration
2 days
Next event
15.04.2024
Level
Basic Angular Knowledge
Location
Remote
Language
English
Price from
1.495€

Dr. Philippe De Ryck, GDE

has a Ph.D. in web security, is founder of Pragmatic Web Security, Google Developer Expert and Auth0 Ambassador. Philippe has been speaking about Angular security since AngularJS 1.x, and is widely recognized as an Angular security expert.

Proven Interactive Workshop­ with Labs and Discussions

Angular applications disrupt the traditional web security landscape, and finding reliable security advice is hard. This workshop provides Angular developers with the answers to all their security questions.

With a mix of lectures, demos, quizzes, and hands-on labs, participants discover best practices for building secure Angular applications. We investigate how to use and configure security mechanisms available in modern browsers. We explore how Angular handles security out-of-the-box, along with common mistakes that circumvent these protections. Additionally, we discuss scenarios that address common questions, including secure data storage in the browser and the use of OAuth 2.0/2.1 and OpenID Connect.

This workshop offers practical and immediately applicable security advice for Angular developers. Throughout the workshop, Philippe is available to answer any questions, including concrete scenarios applying to your own applications.

Selected Topics (full list below)

✅ Dealing with Malicious JavaScript and XSS

✅ Common security mistakes in CSP policies

✅ Advanced HTML5 sandboxing techniques

✅ Configuring browser security headers

✅ Security recommendations for using OAuth 2.0/2.1 in Angular

✅ Advanced OAuth 2.0/2.1 and OpenID Connect Security

Selected Feedback from Previous Participants

💬 In-depth knowledge presented and interesting conversations. All questions were answered.

💬 The clear presentation of difficult topics. The Q&A. And also the practice exercises. It all helps a lot to let things sink in.

💬 The workshop was really pragmatic as promised!

💬 I liked the expertise of the presenter. Also: Presentation style, labs, quizzes, etc.

💬 Highly recommendable!

Introduction
  • Origins, sites, and domains
  • UI redressing attacks
  • Browser-based data leakage
  • Architectural security patterns
  • Introduction to Cross-Site Scripting (XSS)
  • XSS defenses in Angular
  • XSS pitfalls in Angular
  • XSS and server-side rendering
  • Using Trusted Types with Angular
  • Introduction to Content Security Policy (CSP)
  • Common security mistakes in CSP policies
  • Deploying CSP for Angular
  • Practicalities about CSP
  • Sandboxing untrusted content
  • Architectural security patterns
  • Securing tokens in the browser
  • Common OAuth 2.x and OIDC deployment patterns
  • Security limitations of OAuth 2.x in frontends
  • Securing frontends with a Backend-For-Frontend
  • Security recommendations for using OAuth 2.x in Angular

Upcoming events

All of our seminars are always available remotely or in-house. Contact us to make an appointment
15.04. - 16.04. | 09:00 - 16:30 (CET)
Early Bird Ticket until 10.03.2024
Group Discount (3+ People)
Online |
  English
 |  Dr. Philippe De Ryck, GDE
from 1.495€

Individual In-House Company Workshops

All of our workshops are also available remotely or in-house at any time.
Contact us for an appointment

Inquire now

FAQs on our workshops

How do your workshops and courses work?

Our seminars around Angular are a mixture of lecture, live coding and actual exercises. Together we implement what we have learned during the workshop directly on a example project. This mixture guarantees that the course never gets boring and “hands-on” is required instead of gray theory.

Our Angular hands-on workshop is aimed at anyone who wants to develop applications with Angular in the future or is already doing so and now wants to better understand the background, context and building blocks of the framework.

Participants should have basic knowledge of web development (basic knowledge of HTML and JavaScript).

For advanced Angular developers we offer advanced seminars and intensive trainings on specific use cases.

Our trainings take place as public workshops in seminar rooms at central hotels in Germany, Austria and Switzerland. In-House company workshops take place at your office or conference room.

All courses are also available as remote workshops, where we meet online in a virtual classroom and do the training via video calls, screen sharing and live coding.

Our workshops are held by experienced trainers and software architects. In recent years, we have provided Angular training to well-known companies – including well-known banks, insurance companies, industrial groups. Trainers include well-known conference speakers, authors of books and professional articles, bloggers, Google Developer Experts and university lecturers.

Especially for dedicated company trainings, we are happy to accommodate you. Typical times are 9:00AM to 4:30PM / 5:00PM. Some of our English-language workshops are timed so that you can also attend at US friendly times.

Absolutely. In fact, since the pandemic, this has been our main business model and we have had very good experience with it. We use a combination of screen sharing, interactive online whiteboards, and are happy to connect to your computer for support during the exercises if you wish. As with our on-site training, we use a combination of short presentations, discussions, live coding and hands-on labs.

Since there is no travel involved, you also save time and money. We can also respond more flexibly to your scheduling needs.

Yes, very much so. In fact, that’s one of the benefits of dedicated corporate training. You are welcome to weight, shorten or add to our agenda proposals. As a rule, we also coordinate with your trainer about 2 weeks before the training. If you wish, we can also arrange it earlier.

Among other things, Angular’s wide distribution speaks for itself, but also the fact that Google, an Internet giant that also uses the framework very intensively, is behind it. Google alone has over 2600 solutions based on it. Due to the wide distribution, there is a large community and thus a lot of know-how on the market as well as (free and commercial) products that are adapted to Angular. In addition, Angular provides much of what you need for large applications out of the box: test automation, form management, routing, etc. In this respect, you get a stack whose components are coordinated and work together in the long term.

The good news up front is that participants with different levels of prior knowledge are the rule, not the exception, in adult education. That’s why you’ll find optional fade-in hints and bonus exercises on our exercise sheets, for those who are a little faster. Of course, we also provide personal support for the exercises.

If you book a company training with us, we leave this decision to you in principle. However, experience shows that there should not be more than 15 participants, especially since a seminar lives very much from questions, discussions and practical exercises.

Please install the following software packages on your computer:

– NodeJS in current version (we test with current LTS version).
– Angular CLI (npm i -g @angular/cli)
– Git
– Visual Studio (free) or WebStorm/IntelliJ (commercial)

Newsletter

Never miss anything - subscribe to our newsletter now!
Please enable JavaScript in your browser to complete this form.

Selected happy customers