July 15, 2025

We Should Care More About Web App Security

Listen Later

1 hour 3 minutes

In this episode, Matt and Mike dive deep into web app security by walking through a simple SaaS note-taking app and breaking down vulnerabilities at each layer—from frontend and backend to auth and hosting. With 16 billion credentials recently leaked and AI increasing attack complexity, even indie devs need to lock things down. They cover common security pitfalls like XSS, CSRF, IDOR, insecure cookies, and more—along with practical mitigations using tools like tRPC, Prisma, and Next.js. Whether you’re building solo or part of a team, this episode will help you build safer apps from the ground up.

Show Notes: https://www.htmlallthethings.com/podcasts/we-should-care-more-about-web-app-security

Powered by CodeRabbit - AI Code Reviews: https://coderabbit.link/htmlallthethings

Use our Scrimba affiliate link (https://scrimba.com/?via=htmlallthethings) for a 20% discount!! Full details in show notes.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

HTML All The Things - Web Development, Web Design, Small Business

By Matt Lawrence and Mike Karan

4.8

4848 ratings

July 15, 2025

We Should Care More About Web App Security

Listen Later

1 hour 3 minutes

In this episode, Matt and Mike dive deep into web app security by walking through a simple SaaS note-taking app and breaking down vulnerabilities at each layer—from frontend and backend to auth and hosting. With 16 billion credentials recently leaked and AI increasing attack complexity, even indie devs need to lock things down. They cover common security pitfalls like XSS, CSRF, IDOR, insecure cookies, and more—along with practical mitigations using tools like tRPC, Prisma, and Next.js. Whether you’re building solo or part of a team, this episode will help you build safer apps from the ground up.

Show Notes: https://www.htmlallthethings.com/podcasts/we-should-care-more-about-web-app-security

Powered by CodeRabbit - AI Code Reviews: https://coderabbit.link/htmlallthethings

Use our Scrimba affiliate link (https://scrimba.com/?via=htmlallthethings) for a 20% discount!! Full details in show notes.

...more

More shows like HTML All The Things - Web Development, Web Design, Small Business

Hanselminutes with Scott Hanselman by Scott Hanselman

Hanselminutes with Scott Hanselman

383 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

289 Listeners

The 5 AM Miracle: Healthy Productivity for High Achievers by Jeff Sanders

The 5 AM Miracle: Healthy Productivity for High Achievers

722 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

626 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

585 Listeners

Python Bytes by Michael Kennedy and Brian Okken

Python Bytes

214 Listeners

Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

Syntax - Tasty Web Development Treats

988 Listeners

CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

CoRecursive: Coding Stories

190 Listeners

.NET Rocks! by Carl Franklin and Richard Campbell

.NET Rocks!

244 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

64 Listeners

All-In with Chamath, Jason, Sacks & Friedberg by All-In Podcast, LLC

All-In with Chamath, Jason, Sacks & Friedberg

9,932 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

138 Listeners

Marketing Against The Grain by Hubspot Media

Marketing Against The Grain

358 Listeners

web3 with a16z crypto by a16z crypto, Robert Hackett, Sonal Chokshi

web3 with a16z crypto

60 Listeners

AI + a16z by a16z

AI + a16z

35 Listeners