Pragmatic Web Security

A pragmatic approach to web security, tailored towards developers. Get a ton of security knowledge from our concise and to-the-point cheat sheets.

Angular and the OWASP Top 10

The OWASP top 10 is one of the most influential security documents of all time. But how do these top 10 vulnerabilities resonate in an Angular application? This cheat sheet offers practical tips on five relevant items from the OWASP top 10.

JSON Web Tokens (JWT)

JSON Web Tokens (JWTs) have become extremely popular. JWTs seem deceivingly simple. However, to ensure their security properties, they depend on complex and often misunderstood concepts. This cheat sheet focuses on the underlying concepts. The cheat sheet covers essential knowledge for every developer producing or consuming JWTs.

Secure data storage in the browser

Secure data storage in a browser is quite a challenge. This cheat sheet explores the security properties of data storage mechanisms in the browser. It offers origin-based isolation as an alternative over the use of localStorage or sessionStorage. The cheat sheet also covers how to encrypt data for online or offline use.