Thank you for this post, it was a good read! :)
One activity which I found useful with developers who are new to web security is to demonstrate to them the use of interception proxies like OWASP ZAP or Burp Suite. It can be eye-opening when they realize that any part of an HTTP request can be modified and hence why thorough input validation is important.
Thanks, sounds like a good tip for showing the consequences in a practical way. Nice.