Complex Web applications contain a lot of JavaScript code. Security of those applications depends on how robust this code is. In this course, JavaScript Security: Best Practices, you’ll learn how to improve the security of your JavaScript code. First, you’ll explore how exploiting the dynamic type system may lead to information disclosure vulnerabilities. Next, you’ll discover how JavaScript dynamic code execution functions can allow attackers to run arbitrary code within your application. Finally, you’ll learn how abusing prototypal inheritance may change the behavior of your application in unexpected ways. When you’re finished with this course, you’ll have the skills and knowledge of JavaScript security best practices needed to protect your web applications against attackers.
Author Name: Marcin Hoppe
Author Description:
Marcin Hoppe is a principal engineer on the Auth0 Platform Security team at Okta. He is passionate about building secure applications and promoting security best practices in the software development community. Marcin’s experience covers software engineering and various areas of information security, such as identity and access management, application and cloud infrastructure security, zero-trust architectures, cryptography, and privacy.

Table of Contents

• Course Overview
  1min
• Understanding JavaScript Security
  22mins
• Preventing Code Injection Attacks
  23mins
• Defending against Prototype Pollution
  24mins
• Testing Your Code
  20mins