Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A web developer’s ultimate goal is to not only develop a website or an app that is aesthetically and functionally stunning but highly secure as well. Cybersecurity is inevitable and no end-user would want to have an app that could breach or compromise their data security and integrity (no matter how useful the app is). With hackers and middlemen working on creative ways to explore vulnerabilities, it is on developers like us to take charge and be a step ahead of them.

Writing secure code in a way that prevents code injection might seem like an ordinary task, but there are many pitfalls along the way. For example, the fact that you (a developer) follow best security practices doesn’t mean that others are doing the same. You’re likely using open source packages in your application. How do you know if those were developed securely? What if insecure code like eval() exists there? Let’s dive into it.

JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor went over it, and applets that could give you your local weather forecast or tell you which web browser you’re using.