SecAppDev 2025 lecture details
Leveraging the security model of the web
Web security is complex and evolving fast, with browsers playing a growing security role. This session explores core techniques to build secure apps and APIs, giving you the foundation to tackle more advanced web security topics.
Schedule TBD
Abstract
Web security is messy, complicated, and under constant evolution. Additionally, modern browsers are playing an increasingly proactive role in security.
In this session, we explore how the browser thinks about security and how we can leverage that to build more secure web applications and APIs. We define core security techniques that you can use as the secure baseline to build your applications on. This session will give you the necessary background to secure your applications, and to dive into more advanced web security topics here at SecAppDev.
Key takeaway
Learn how modern browsers approach security and how to build on that foundation to create secure web apps and APIs using proven core techniques.
Content level
Introductory
Target audience
Anyone building applications that are exposed to the Internet
Prerequisites
None
Join us for SecAppDev. You will not regret it!
Grab your seat now
Philippe De Ryck
Security Expert, Pragmatic Web Security
Expertise: Web security, API security, OAuth 2.0, OpenID Connect
Related lectures
Using AI to write Secure React.JS code
Deep-dive lecture by Jim Manico
In this talk, we will explore the massive potential of AI in secure code creation. This session will discuss techniques that help AI code creation engines produce higher-quality and more secure code.
Key takeaway: Actionable advice on using AI to generate secure code
Using WebAssembly to run, extend, and secure your app
Introductory lecture by Niels Tanis
In this session we'll dig into WASM, how it works, its security features, and how we can use it to host, extend and secure our applications by running it with the WebAssembly System Interface (WASI).
Key takeaway: Understanding WASM, its security features, and how to leverage those by integrating it into your application/software.
Breaking and securing OAuth 2.0 in frontends
Deep-dive lecture by Philippe De Ryck
Using OAuth 2.0 in the frontend increases your attack surface. Learn why BFF is safer and how to defend against real-world token attacks.
Key takeaway: Frontend OAuth 2.0 patterns, even with token protections, leave apps exposed—real security comes from moving sensitive logic to a secure backend.