SecAppDev 2025 Faculty

Modern web applications rely heavily on frontend code, making browser security mechanisms crucial for protecting users and data. This hands-on workshop takes a deep dive into advanced frontend security for Angular / React / Vue applications.

Participants will explore real-world attack scenarios and implement defenses through guided exercises. Designed for developers and security professionals, this workshop blends academic depth with practical application, equipping attendees with the skills to secure modern frontends effectively.

Learning goal: Understand and apply state-of-the-art security mechanisms to protect modern frontends from real-world threats.

OpenAPI specs are more than docs—they can drive API security. Learn how to use them in spec/code-first workflows to find vulnerabilities, guide audits, and power security tools for testing, attacks, and runtime protection.

Key takeaway: A well-crafted OpenAPI spec can uncover security issues, guide audits, and power tools for testing, making it a key asset in your API security strategy.

Web security is complex and evolving fast, with browsers playing a growing security role. This session explores core techniques to build secure apps and APIs, giving you the foundation to tackle more advanced web security topics.

Key takeaway: Learn how modern browsers approach security and how to build on that foundation to create secure web apps and APIs using proven core techniques.

Using OAuth 2.0 in the frontend increases your attack surface. Learn why BFF is safer and how to defend against real-world token attacks.

Key takeaway: Frontend OAuth 2.0 patterns, even with token protections, leave apps exposed—real security comes from moving sensitive logic to a secure backend.