Secure coding education should be more than a list of issues or repeating generic advice. Liran Tal explains his approach to teaching developers through examples that start with exploiting known vulns and end with discussions on possible fixes. Not only does this create a more engaging experience, but it also relies on code that looks familiar to developers rather than contrived or overly simplistic examples.

Segment resources:

• https://github.com/lirantal
• https://cheatsheetseries.owasp.org/cheatsheets/NPMSecurityCheat_Sheet.html
• https://lirantal.com/blog/poor-express-authentication-patterns-nodejs

Show Notes: https://securityweekly.com/asw-286