The Laravel Podcast Security, with Rizqi Djamaluddin
Feb 16, 2021
01:24:10
It's every application developer's nightmare: your app gets hacked and everyone's private data is out in the open, and it's your fault.
Thankfully, Laravel and the tools it brings have the best security practices baked in. But a framework can only save us from so much.
In this episode, security advocate and UX Designer (the UX part matters! Listen to find out why) talks about what Laravel gives us by default, how to write code that plays nicely with Laravel's built-in security tooling, and other helpful tools and practices that can keep you, your apps, and your clients secure.
- Rizqi Djamaluddin Twitter - https://twitter.com/rizqi_djm
- Laravel Documents: Eloquent - https://laravel.com/docs/8.x/eloquent
- SQL Injection - https://en.wikipedia.org/wiki/SQL_injection
- Cross Site Scripting (XSS) - https://en.wikipedia.org/wiki/Cross-site_scripting
- AWS
- Takeout - https://github.com/tighten/takeout
- Minio - https://min.io/
- S3 - https://s3.com/
- NGINX - https://www.nginx.com/resources/wiki/start/topics/examples/x-accel/
- HTML Purifier - http://htmlpurifier.org/
- Laravel Documents: CSRF Protection - https://laravel.com/docs/8.x/csrf
- CORS - https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
- Rate Limiting - https://en.wikipedia.org/wiki/Rate_limiting
- 2 Factor Authentication - https://authy.com/what-is-2fa/
- OWASP - https://owasp.org/
- Laravel Slack - https://larachat.co/
-----
Editing sponsored by Tighten; transcript sponsored by Larajobs.