This course is fully recorded and all recordings are available on the course platform.
The outline below shows you which topics are covered in this course.
XSS in React applications
- The security model of web applications
- The cause and effect of cross-site scripting (XSS) vulnerabilities
- The limitations in the way React handles XSS
- Secure coding guidelines to avoid XSS in React
- Advanced XSS attack vectors in React
Content Security Policy
- The purpose of Content Security Policy (CSP)
- Configuring a modern CSP policy to combat XSS
- Actionable deployment guidelines that address challenges with CSP and React
- Guidelines on using CSP as a defense-in-depth measure
- The cutting-edge Trusted Types security feature
- How Trusted Types addresses common XSS vulnerabilities
- Deploying Trusted Types in React applications
Securing Server-Side Rendering
- The security challenges of server-side rendering (SSR)
- Avoiding XSS in SSR React
- The limitations of defense-in-depth mechanisms with SSR
- Wrapping up
This course is 100% relevant for anyone involved with building React applications. Concretely, you should follow this course if ...
... you want to turn your knowledge level of React Security all the way up to 11.
... you want to learn code hygiene techniques that allow you to apply React secure coding guidelines at scale.
... you are looking for actionable advice that addresses the intricacies of using complex technologies, such as Content Security Policy or Trusted Types, in React applications.
... other security courses failed to offer the depth you expected. This course will help you understand why security issues exist and how defenses work so that you can apply them in any scenario.
- Full-length recordings of the live teaching sessions, including lectures and demos
- High-quality PDF materials of the lectures
- Code examples used during the demos
- Complimentary access to the remastered recordings, as soon as they are available
Hi, I'm Philippe, your instructor for this course. I provide professionals like you with the high-quality security knowledge they need to perform at their best.
My PhD in web security has not only given me an exceptionally strong security background, it has also taught me how to methodically explain complex security concepts. This course rigorously translates that knowledge into security best practices for modern applications.
Finally, these testimonials from previous training participants should tell you everything you need to know.
We hired Philippe De Ryck for a training on API Security. His mix of content and quizzes kept people well engaged. He was very clearly knowledgeable and patient as he took the time to be sure everyone’s questions were fully answered. Philippe will definitely be at the top of our short list of people we want to bring back for future trainings.
Shane Gliser, Application Security Specialist, American Century Investments
I needed to provide a deep set of training content to developers at my company, especially around secure authorization flows for modern applications. Philippe delivered a comprehensive series on OIDC and OAuth flows and security of modern apps and APIs and I couldn't be more happy with this valuable resource for our developers. Thank you so much Dr. Philippe!
Jet Anderson, Code Doctor, Nike
In a nutshell, you should definitely join this course.
If you have a question, you will likely find the answer in the list below. If that is not the case, don't hesitate to reach out via email (firstname.lastname@example.org).
Can I subscribe multiple people at once?
Yes, absolutely. Please fill out this Google Form with the details of your order. We will contact you to complete the order process. Note that group licenses for 10 or more attendees are eligible for a 20% volume discount.
Can I receive an invoice for my purchase?
Of course. Due to the complexity of tax rules, we do not handle invoicing on the online platform. After your purchase, we will contact you for invoicing details.
How does the private consulting session in the bundle work?
The bundle with private consulting includes two hours of consulting time with your instructor, Philippe. These two hours are scheduled at your convenience in one or two consulting sessions. In those two hours, you have the opportunity to ask Philippe's advice on specific questions or scenarios.
If you subscribe multiple people at once, you can opt for the consulting add-on as well. In that scenario, all the members of the group purchase are welcome to join the private consulting session.
How long do I have access to the course?
Course subscriptions do not have an expiration date. Registering now gives you permanent access to the live sessions, the recordings of those live sessions, and the remastered recordings when released.
Can I rewatch the live session?
Yes, the live sessions are recorded as a webinar and made available shortly after each session. So if you missed a live session or want to rewatch a part of one you attended, you can easily go back to the files.
What are the remastered recordings?
In the remastered version, we cut the long live session into separate lessons. These recordings are post-processed and receive closed captions in English. Processing videos takes quite a bit of time, so these will be released at a later date. Note that the full-length live recordings are available almost immediately after the live session.
Every course subscription includes complimentary access to the remastered versions.
Do you offer discounts?
No, the courses are priced reasonably. If you strictly look at getting the most quality for your money, this course is off the charts (in a good way!), as the depth offered by this course is unparalleled in other offerings.
Note that purchasing the bundle saves you 20% on the price of the individual courses.
Group licenses for 10+ attendees are eligible for a 20% volume discount.