Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

General Discussion

Posted by Andrew Merrick
Andrew Merrick
20,151 Points

Web and Application Security

Does anyone know if there are any plans for tracks/deep dives on Web and Application Security?

Garrett Jeffrey
.a{fill-rule:evenodd;}techdegree
Garrett Jeffrey
Front End Web Development Techdegree Student 10,064 Points

I would love that as well.

9 Answers

Paul Graham
Paul Graham
1,396 Points
Paul Graham
Paul Graham
1,396 Points

+1 on that, I would love that.

Holger Liesegang
Holger Liesegang
50,595 Points
Holger Liesegang
Holger Liesegang
50,595 Points

+1 on that from me, too (esp. PHP, MySQL...)

Paul Graham
Paul Graham
1,396 Points
Paul Graham
Paul Graham
1,396 Points

I wish there was a Stack Exchange like thing on here where people could vote on specific class requests just to have a concrete idea what people are actually interested in.

Andrew Merrick
Andrew Merrick
20,151 Points
Andrew Merrick
Andrew Merrick
20,151 Points

@Paul - Maybe you should build an app for that :)

James Barnett
James Barnett
39,199 Points

Except if it was a separate thing would have to go and find it. It would be much better if it were built into Treehouse.

James Barnett
James Barnett
39,199 Points
James Barnett
James Barnett
39,199 Points

I suppose there could be a Securing PHP & MySQL deep dive course but that would be 3 or 4 courses away as it's a very advanced topic.

Andrew Merrick
Andrew Merrick
20,151 Points
Andrew Merrick
Andrew Merrick
20,151 Points

There could be more advanced courses that pertain to particular languages, but even just a general course on Cross-site scripting (XSS), SQL injections, PHP injections, Javascript injections, etc., would be valuable to us as students. I currently work in Information Security and most developers and designers receive very little training in this area. There could be Beginner, Intermediate and Advanced stages.

James Barnett
James Barnett
39,199 Points

> most developers and designers receive very little training in this area.

You've got that right!

> There could be Beginner, Intermediate and Advanced stages.

Of course the techniques for mitigating the issues you listed (would be, I believe) way more advanced than anything currently on Treehouse.

Robert Newman
Robert Newman
29,571 Points
Robert Newman
Robert Newman
29,571 Points

+1 I would love to see this as security is something i have no knowledge of as of yet.

Andrew Merrick
Andrew Merrick
20,151 Points
Andrew Merrick
Andrew Merrick
20,151 Points

I think a course on this topic could be implemented but that obviously won't happen overnight... however, there is a great resource to begin on your own and it's called the The Web Application Hacker's Handbook. It relies on a premise that the best way to defend is to learn how to attack. It covers multiple topics including XSS, SQL injections, etc. I recommend it as a great introduction into Web and Application security.

http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470

Jaime Rios
Jaime Rios
Courses Plus Student 21,100 Points

Thanks so much for sharing.

Jon Goodey
Jon Goodey
33,093 Points
Jon Goodey
Jon Goodey
33,093 Points

+1 Would be a very useful course