{ Soham Kamani }



Web security essentials - A crash course 🔑

Securing a web application is hard, but it’s also extremely important. There is so much to learn, and the learning curve is so steep, that newcomers to web development are often overwhelmed when they see everything that goes into building even a simple website with authenticated login.

I made this crash course because I too faced a lot of trouble in learning and implementing most of the security features that come with standard web applications. This was because most of the resources on these topics are scattered and explained in a way not suitable for people just getting started.

This course (read: series of 7 blog posts) is aimed at newcomers who want to get up to speed with some of the most basic and important concepts like password management, session cookies, and some of the most common types of attacks. All posts are kept short, contain examples, and can be completed in a few days.

So, here it is:

  1. Sessions and cookies
  2. Password storage
  3. CORS (Cross-origin resource sharing)
  4. XSS (Cross-site scripting)
  5. CSRF (Cross-site request forgery)
  6. SQL Injection
  7. Human Error and UI/UX design

These topics are compiled based on my experience in web development. If you have any feedback on a topic that is not covered, let me know in the comments!


Written by Soham Kamani, an author and a full-stack developer who has extensive experience in the JavaScript ecosystem and in building large-scale applications in Go. He is an open source enthusiast and an avid blogger. You should follow him on Twitter.