Dangers:
Data Leaks such as those from Sony, SingHealth, Target
Internal components are not safe behind the firewall. App sec should have multiple layers like a medieval castle.
Web security:
Same origin policy (Same protocol, domain name, port). Subdomains are cross origin.
HTTPS: SSL/TLS to prevent eavesdropping; the server presents a certificate issued by a CA (e.g. VeriSign), which the browser checks against its store of trusted CA certificates to prevent server spoofing.
Always use HTTPS: Let’s Encrypt is a free Certificate Authority
(cipher suites, two-way TLS)
Hashing passwords: use bcrypt, scrypt or Argon2
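Added example (not from the original notes): salted scrypt hashing and constant-time verification using only the Python standard library (`hashlib.scrypt` needs OpenSSL 1.1+). The work-factor values are assumptions for the example and should be tuned on the real server; `naive_hash` is included only to show the unsalted fast hash that these algorithms replace.

```python
import base64
import hashlib
import hmac
import os

# Work-factor parameters (assumed for this example; tune so one hash takes
# tens of milliseconds on the server). Memory use is about 128 * N * r bytes,
# i.e. 16 MiB with these values.
SCRYPT_N = 2 ** 14
SCRYPT_R = 8
SCRYPT_P = 1
SALT_BYTES = 16
DKLEN = 32


def hash_password(password: str) -> str:
    """Return a self-describing 'scrypt$N$r$p$salt$hash' string for storage."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt per password
    dk = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=DKLEN)
    b64 = lambda b: base64.b64encode(b).decode("ascii")
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${b64(salt)}${b64(dk)}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    try:
        algo, n, r, p, salt_b64, dk_b64 = stored.split("$")
        if algo != "scrypt":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(dk_b64)
        actual = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                                n=int(n), r=int(r), p=int(p), dklen=len(expected))
    except (ValueError, TypeError):
        return False  # malformed record: never raise, just reject
    # compare_digest does not stop at the first differing byte (timing-safe).
    return hmac.compare_digest(actual, expected)


def naive_hash(password: str) -> str:
    """What NOT to do: unsalted, fast hash; equal passwords give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()
```

Because the parameters travel with the hash, the cost can be raised later and old records re-hashed on next login without a format change.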
Preventing injections:
Sanitization, validation, parameterised queries (placeholders such as ?)
For non-SQL, there should be a parameterised query equivalent API
XSS: WordPress plugins are notoriously vulnerable to XSS; defend with output encoding
+ Content Security Policy (disables inline JS mixed into HTML; scripts must be explicitly opted in)
Prioritize output encoding over input validation
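Added example (not from the original notes): output encoding for element and attribute context with `html.escape`, plus a CSP header that allows only same-origin scripts. The CSP value and the helper names are assumptions for this example; the payload string is a constructed sample input.

```python
import html

# Constructed policy for the example: only same-origin scripts run; inline
# <script> blocks and javascript: URLs are refused because nothing opts them in.
CONTENT_SECURITY_POLICY = (
    "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'"
)


def render_comment(author: str, body: str) -> str:
    """Element content: escape so the text is displayed, not parsed as HTML."""
    return f"<p><b>{html.escape(author)}</b>: {html.escape(body)}</p>"


def _safe_href(href: str) -> str:
    """Allow site-relative paths and http(s) URLs; neutralise anything else."""
    if href.startswith("/") and not href.startswith("//"):
        return href
    scheme = href.split(":", 1)[0].lower() if ":" in href else ""
    return href if scheme in ("http", "https") else "#"


def render_link(href: str, text: str) -> str:
    """Attribute context: quote=True also encodes \" and ' so the value
    cannot break out of the attribute."""
    return f'<a href="{html.escape(_safe_href(href), quote=True)}">{html.escape(text)}</a>'


def response_headers() -> dict:
    """Headers the page would be served with; CSP is the second layer."""
    return {
        "Content-Type": "text/html; charset=utf-8",
        "Content-Security-Policy": CONTENT_SECURITY_POLICY,
    }
```

Encoding at output time works regardless of where the data came from (database, API, another plugin), which is why the notes rank it above input validation; CSP then limits the damage if one encoding call is missed.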
Browser Exploitation Framework project (BeEF)
Secrets
Never commit credentials into source control
Use env vars, pipeline vars, HashiCorp Vault
Tools to prevent accidental commits: GitRob (reactive, scans repo), Talisman (proactive, pre-commit hook)
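Added example (not from the original notes, and not Talisman's or GitRob's code): a minimal proactive check of the kind a pre-commit hook runs, scanning only the lines a commit would add for a few credential patterns. The rules and the staged diff are constructed for the example; the AWS key in it is AWS's own documented example value, not a real credential.

```python
import re

# Detection rules (constructed for this example). The AWS access key ID
# format is the publicly documented one; the generic rule catches hard-coded
# assignments of password/secret/key/token-like names to a quoted literal.
RULES = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
    "hardcoded_credential": re.compile(
        r"""(?i)(?:password|passwd|secret|api[_-]?key|token)\s*[=:]\s*['"][^'"]{8,}['"]"""),
}


def scan_diff(diff_text: str) -> list:
    """Return findings for lines the commit ADDS ('+' lines, not the '+++' header)."""
    findings = []
    for lineno, line in enumerate(diff_text.splitlines(), start=1):
        if not line.startswith("+") or line.startswith("+++"):
            continue
        added = line[1:]
        for name, pattern in RULES.items():
            if pattern.search(added):
                findings.append({"line": lineno, "rule": name, "text": added.strip()})
    return findings


def should_block_commit(diff_text: str) -> bool:
    """A pre-commit hook exits non-zero when this is True."""
    return bool(scan_diff(diff_text))


# Constructed staged diff: the environment lookup is replaced by literals.
SAMPLE_DIFF = """\
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,3 +1,5 @@
 import os
-DB_PASSWORD = os.environ["DB_PASSWORD"]
+DB_PASSWORD = "hunter2hunter2"
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+API_URL = "https://api.example.com"
"""
```

A real hook would feed `git diff --cached` into `scan_diff`; the reactive tool (repository scan) is still needed because a hook only protects developers who have installed it.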
Automated tools to check simple vulnerabilities + manual pen tests
Resources:
OWASP
https://krebsonsecurity.com
https://codecurmudgeon.com/wp/sql-injection-hall-of-shame