July 15, 2025

We Should Care More About Web App Security

Listen Later

1 hour 3 minutes

In this episode, Matt and Mike dive deep into web app security by walking through a simple SaaS note-taking app and breaking down vulnerabilities at each layer—from frontend and backend to auth and hosting. With 16 billion credentials recently leaked and AI increasing attack complexity, even indie devs need to lock things down. They cover common security pitfalls like XSS, CSRF, IDOR, insecure cookies, and more—along with practical mitigations using tools like tRPC, Prisma, and Next.js. Whether you’re building solo or part of a team, this episode will help you build safer apps from the ground up.

Show Notes: https://www.htmlallthethings.com/podcasts/we-should-care-more-about-web-app-security

Powered by CodeRabbit - AI Code Reviews: https://coderabbit.link/htmlallthethings

Use our Scrimba affiliate link (https://scrimba.com/?via=htmlallthethings) for a 20% discount!! Full details in show notes.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

HTML All The Things - Web Development, Web Design, Small Business

By Matt Lawrence and Mike Karan

4.8

4646 ratings

July 15, 2025

We Should Care More About Web App Security

Listen Later

1 hour 3 minutes

In this episode, Matt and Mike dive deep into web app security by walking through a simple SaaS note-taking app and breaking down vulnerabilities at each layer—from frontend and backend to auth and hosting. With 16 billion credentials recently leaked and AI increasing attack complexity, even indie devs need to lock things down. They cover common security pitfalls like XSS, CSRF, IDOR, insecure cookies, and more—along with practical mitigations using tools like tRPC, Prisma, and Next.js. Whether you’re building solo or part of a team, this episode will help you build safer apps from the ground up.

Show Notes: https://www.htmlallthethings.com/podcasts/we-should-care-more-about-web-app-security

Powered by CodeRabbit - AI Code Reviews: https://coderabbit.link/htmlallthethings

Use our Scrimba affiliate link (https://scrimba.com/?via=htmlallthethings) for a 20% discount!! Full details in show notes.

...more

More shows like HTML All The Things - Web Development, Web Design, Small Business

Philosophize This! by Stephen West

Philosophize This!

15,214 Listeners

Software Engineering Radio by se-radio@computer.org

Software Engineering Radio

273 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

292 Listeners

Uncanny Valley | WIRED by WIRED

Uncanny Valley | WIRED

493 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

623 Listeners

Talk Python To Me by Michael Kennedy

Talk Python To Me

585 Listeners

Soft Skills Engineering by Jamison Dance and Dave Smith

Soft Skills Engineering

288 Listeners

Python Bytes by Michael Kennedy and Brian Okken

Python Bytes

214 Listeners

Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

Syntax - Tasty Web Development Treats

983 Listeners

REWORK by 37signals

REWORK

210 Listeners

The freeCodeCamp Podcast by freeCodeCamp.org

The freeCodeCamp Podcast

483 Listeners

The Stack Overflow Podcast by The Stack Overflow Podcast

The Stack Overflow Podcast

62 Listeners

The Real Python Podcast by Real Python

The Real Python Podcast

141 Listeners

Big Technology Podcast by Alex Kantrowitz

Big Technology Podcast

478 Listeners

The Next Wave - AI and The Future of Technology by Mindstream (Hubspot Media)

The Next Wave - AI and The Future of Technology

61 Listeners