July 15, 2025

We Should Care More About Web App Security

Listen Later

1 hour 3 minutes

In this episode, Matt and Mike dive deep into web app security by walking through a simple SaaS note-taking app and breaking down vulnerabilities at each layer—from frontend and backend to auth and hosting. With 16 billion credentials recently leaked and AI increasing attack complexity, even indie devs need to lock things down. They cover common security pitfalls like XSS, CSRF, IDOR, insecure cookies, and more—along with practical mitigations using tools like tRPC, Prisma, and Next.js. Whether you’re building solo or part of a team, this episode will help you build safer apps from the ground up.

Show Notes: https://www.htmlallthethings.com/podcasts/we-should-care-more-about-web-app-security

Powered by CodeRabbit - AI Code Reviews: https://coderabbit.link/htmlallthethings

Use our Scrimba affiliate link (https://scrimba.com/?via=htmlallthethings) for a 20% discount!! Full details in show notes.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

HTML All The Things - Web Development, Web Design, Small Business

By Matt Lawrence and Mike Karan

4.8

4646 ratings

July 15, 2025

We Should Care More About Web App Security

Listen Later

1 hour 3 minutes

In this episode, Matt and Mike dive deep into web app security by walking through a simple SaaS note-taking app and breaking down vulnerabilities at each layer—from frontend and backend to auth and hosting. With 16 billion credentials recently leaked and AI increasing attack complexity, even indie devs need to lock things down. They cover common security pitfalls like XSS, CSRF, IDOR, insecure cookies, and more—along with practical mitigations using tools like tRPC, Prisma, and Next.js. Whether you’re building solo or part of a team, this episode will help you build safer apps from the ground up.

Show Notes: https://www.htmlallthethings.com/podcasts/we-should-care-more-about-web-app-security

Powered by CodeRabbit - AI Code Reviews: https://coderabbit.link/htmlallthethings

Use our Scrimba affiliate link (https://scrimba.com/?via=htmlallthethings) for a 20% discount!! Full details in show notes.

...more

More shows like HTML All The Things - Web Development, Web Design, Small Business

Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

284 Listeners

iOS Today (Audio) by TWiT

iOS Today (Audio)

543 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

590 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

621 Listeners

Soft Skills Engineering by Jamison Dance and Dave Smith

Soft Skills Engineering

269 Listeners

Python Bytes by Michael Kennedy and Brian Okken

Python Bytes

215 Listeners

Y Combinator Startup Podcast by Y Combinator

Y Combinator Startup Podcast

217 Listeners

Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

Syntax - Tasty Web Development Treats

987 Listeners

REWORK by 37signals

REWORK

211 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

62 Listeners

The Real Python Podcast by Real Python

The Real Python Podcast

139 Listeners

AI and I by Dan Shipper

AI and I

32 Listeners

Lightcone Podcast by Y Combinator

Lightcone Podcast

22 Listeners

OpenAI Podcast by OpenAI

OpenAI Podcast

28 Listeners