Bummer! This is just a preview. You need to be signed in with a Basic account to view the entire video.
Start a free Basic trial
to watch this video
In this video, we will explain why you should care about web security, and how it applies to your day-to-day development activities.
New Terms:
- Networking stack: the networking stack is the set of system services running in your computer or server that allow it to talk to other computers and services. It consists of several layers, but the most important one most developers need to be aware of is the application layer, which is the highest level of network protocols that includes things like HTTP.
-
0:00
[MUSIC]
-
0:04
Welcome I'm Alena, a teacher here at Treehouse.
-
0:08
Whatever your language of choice, PHP, .NET, JavaScript,
-
0:12
Python, Java or any other language, security is for everyone.
-
0:18
In this course, we're going to learn about some of the most important web security
-
0:22
fundamentals, including HTTPS, authentication and
-
0:27
authorization, patch management, and compliance.
-
0:31
Each of these topics is a focus in the field of web security.
-
0:35
Which falls beneath the larger umbrella of security in general.
-
0:39
Security in general, however, can be applied to nearly any technology.
-
0:44
As shown here, security ranges up and down the modern networking stack.
-
0:49
When we think of security, we may think of protecting the physical 1s and
-
0:53
0s running across the cable, which would be a very low level.
-
0:57
Or, we may think of protecting our web applications
-
1:00
from bad people intercepting traffic, which would be at the application level.
-
1:07
Regardless, it's important to realize that security is a very broad topic.
-
1:12
We'll only be diving into the parts of security that lie in the web protocols
-
1:17
at the application layer of most networking stacks.
-
1:21
Web security concerns the security of websites,
-
1:24
applications, APIs and services in general.
-
1:28
It covers a wide range of topics from writing secure code
-
1:32
to protecting your applications once they're deployed.
-
1:36
On the modern web, security varies widely from site to site.
-
1:40
Our goal is to teach you the basics.
-
1:42
And insure that you have the ability to explore more advance concepts
-
1:47
that will allow you to secure your sites, APIs, services, and
-
1:52
applications against malicious entities.
-
1:55
Without building and maintaining secure applications, your users are at risk, and
-
2:00
your company's assets maybe vulnerable.
-
2:03
Within nearly every competent organization,
-
2:06
someone should be responsible for security.
-
2:09
And at least every developer should know the basics.
-
2:13
As developers, we should be aware of the potential vulnerabilities
-
2:17
introduced into the code base with each feature and every bug fix.
-
2:22
No matter what your job at your company, organization, or even side project,
-
2:27
you should have security in mind when you deploy your web applications.
-
2:31
Especially if you have users you wish to protect.
-
2:35
By working together and putting security first, we can all reduce the impact
-
2:40
that data breaches and malicious entities cause to our users.
You need to sign up for Treehouse in order to download course files.
Sign up