

Modern AppSec Gotchas

with Fletcher Heisler


We keep building better web frameworks full of built-in security features, but we keep finding new ways to work around them! In this talk, we’ll explore common patterns where smart developers choose (sometimes accidentally) to forgo the built-in protection offered by their tools of choice. We’ll cover where this happens, why it tends to happen, and how to catch these corner cases before they turn up in production. As a developer, it’s easy to be lured into the trap that security is “already taken care of” by that shiny new {NodeJS package/Golang framework/JSX-on-the-blockchain}, but we’ll also give some examples of insecure defaults in commonly relied-on frameworks.



Application Security
Security Best Practices

Fletcher Heisler

CEO at Hunter2

About Fletcher Heisler

Fletcher Heisler is the founder and CEO of Hunter2, a company that provides engineering teams with modern appsec training through an online platform of interactive labs where developers get hands-on practice exploiting and patching up real applications. Fletcher previously ran Real Python, an online community of hundreds of thousands learning modern web development and programming practices.
