Solid coverage of the core web security concepts that fullstack web developers need to be aware of, with hands-on practice implementing security in Node, Express, and Postgres.
By Various Authors
The course covers how to defend Node and Express applications against malicious attacks and improve user experiences using sessions, cookies, and password authentication.
The guided projects ask you to implement security measures in real-world scenarios, including password authentication for a dogwalking photo sharing app, and securing a Postgres database for a school.
In the final section, there's a fairly meaty solo project where you're tasked with securing a Node application for a bank against SQL Injection, XSS, and CSRF Attacks.
The course includes an article on JWT Authentication, but doesn't include demonstration or practice. We suggest practicing implementation on the bank application security project.
By Gavin Johnson-Lynn, Peter Mosmans, others
Great option for learning security best practices for enterprise-grade applications.
App Academy Open
By Various Authors
Tremendous free resource for learning the foundations of web application security.
By Mike North
Solid video-based introduction to securing web applications, with some hands-on examples.
Our course reviews are conducted by a team of technical professionals, course developers, and lifelong learners.
The lead of this project, Brian Green, has worked in developer education since 2009. He built the content development teams at Pluralsight and Udacity, implementing quality standards and tutorials to improve course quality and working with hundreds of authors to create courseware. Most recently, he built the product team at App Academy. As of writing, he estimates he has spent nearly a year of his life taking or reviewing online courses, on topics ranging from Web Development, Networking, Server Administration, DevOps, Cybersecurity, Machine Learning, and Artificial Intelligence.
We reviewed this course using the following criteria: