Go to content

Building Secure Angular Applications (Philippe De Ryck)

Angular is one of the most popular frameworks, and there is a lot of information available on building applications, improving performance, and various other topics. But do you know how to make your Angular applications secure? What kind of security features does Angular offer you, and which additional steps can you take to really boost the security of your applications? In this session, you will learn how the paradigm shift from server-side to client-side applications impacts security. We will discuss various script-based threats against Angular applications, and the concrete defenses to prevent or minimize these attacks. You will learn how Angular helps you defend against XSS, and how you can leverage the latest browser security features in your Angular applications to boost your security. Examples include Subresource Integrity, HTML5 sandboxing or Content Security Policy. After attending this talk, you will have a good understanding of the various kinds of untrusted code that threaten your Angular applications. In addition, you will have concrete knowledge on how to use these new security technologies to effectively secure your Angular applications against these threats.

April 5, 2017