Security
OWASP, secure coding, authentication, and vulnerability prevention
10 skills
OWASP Top 10 Prevention
Prevent the OWASP Top 10 web application vulnerabilities with concrete coding patterns.
Secure API Design
API security with authentication, authorization, rate limiting, and input validation.
Dependency Security & Supply Chain
Secure dependency management, vulnerability scanning, and supply chain attack prevention.
JWT Token Security Patterns
JWT security with signing algorithms, token lifecycle, refresh rotation, and common vulnerability prevention.
CORS Configuration & Security
Cross-Origin Resource Sharing configuration with secure defaults, preflight handling, and common pitfalls.
Content Security Policy Headers
CSP configuration for XSS prevention, inline script control, and reporting.
Secrets Management
Secrets management with HashiCorp Vault, AWS SSM, environment variables, and rotation patterns.
Penetration Testing Checklist
Web application penetration testing methodology, common attack vectors, and remediation patterns.
Zero Trust Security Model
Zero trust architecture with identity verification, micro-segmentation, and least-privilege access.
Rate Limiting Implementation
Rate limiting patterns with sliding windows, token buckets, distributed limiting, and response handling.