SPA Secure Coding Guide

SPA Secure Coding Guide

Geoffrey Vandiest Geoffrey Vandiest

Geoffrey Vandiest

Published Feb 8, 2019
+ Follow

Here you can find the slides that accompany my “SPA Secure Coding Guide”, this presentation go through a set of security best practices specially targeted towards developing Angular applications with ASP.Net Web Api backends.

It comes with a WebApi example project available on GitHub that provides several code examples of how to defend yourself. The example app is based on the famous "Tour of Heroes" Angular app used throughout the Angular documentation.

It first introduce general threat modelling before explaining the most current type of attacks Asp.Net Web API are vulnerable to .

It is designed to serve as a secure coding reference guide, to help development teams quickly understand Asp.Net Core secure coding practices.

To view or add a comment, sign in

More articles by Geoffrey Vandiest

  • OIDC with auth0, Angular and DotNet Core 3.1
    Jan 6, 2020

    OIDC with auth0, Angular and DotNet Core 3.1

    On my github repo you’ll find a demo app based on auth0 SPA Angular quickstart. It's integrated with a .

    1 Comment
  • Is my dream team a feature-team?
    Oct 16, 2018

    Is my dream team a feature-team?

    Feature teams is one of the ways of scaling agile over a larger organization, you divide your organization in many…

    2 Comments
  • The monolith database as a primary cause of slow delivery
    Sep 11, 2018

    The monolith database as a primary cause of slow delivery

    Large monolitic applications are characterized by big bottlenecks that slows down the entire process. The dependencies…

    1 Comment
  • Microservices: Size does not matter
    Aug 27, 2017

    Microservices: Size does not matter

    The term micro in microservice suggest that services should be decomposed in very small units. Martin Fowler recommend…

  • Embrace Continuous Delivery or die!
    Jun 19, 2017

    Embrace Continuous Delivery or die!

    In the classical view of software delivery, you need to make a trade-off between quality and speed. The traditional IT…

    2 Comments
  • Angular2 vs React
    Nov 27, 2016

    Angular2 vs React

    Currently we had a lot of discussion on which web framework we should invest: Angular2 or React. Therefore, I decided…

  • Start building apps with Angular2, NodeJs, MongoDB, Gulp and TypeScript
    Jun 11, 2016

    Start building apps with Angular2, NodeJs, MongoDB, Gulp and TypeScript

    On https://github.com/geobarteam/merode/tree/mongoose I assembled an example application based on the Angular2 Tour of…

    3 Comments
  • ASP.NET CORE: Building TypeScript with Gulp
    May 15, 2016

    ASP.NET CORE: Building TypeScript with Gulp

    In the preceding post I show how you can compile your TypeScript files with tsc. You can also simply use Visual Studio…

  • ASP.NET Core: Modify an Angular App to use Typescript
    May 9, 2016

    ASP.NET Core: Modify an Angular App to use Typescript

    In this post I explain how to modify an Angular 1.x app to use typescript.

  • Create an Angular App with ASP.NET Core
    May 6, 2016

    Create an Angular App with ASP.NET Core

    Here I start a series of little tutorials on how to build from scratch a new Angular application with ASP.NET Core and…

    2 Comments
See all articles

Explore content categories