Secure Coding in Angular

About this course


Instructor: Fabio Cerullo
Next Scheduled Course:
TBC Live Online €700 (1 day)



Angular empowers developers to create highly interactive and responsive user interfaces. It is imperative that security is an integral part of the development process. Being aware of possible vulnerabilities, using best practices and ensuring that critical assets are safeguarded from cyber threats is essential to creating secure web applications.

This course aims to equip Angular developers with the knowledge and skills to write secure applications by understanding and mitigating the vulnerabilities listed in the OWASP Top 10 2021, specifically within Angular applications. Through a mix of theoretical concepts and practical exercises, learners will be able to apply best practices for secure coding and ensure their Angular applications are robust against common security threats.

Participants on the Secure Coding in Angular course should understand Angular basics and be familiar with web development and security concepts.

Course Outline

Introduction to Web Security & OWASP Top 10 2021

  • Web Security Fundamentals
  • Overview of OWASP Top 10 2021
  • The Role of Secure Coding in Angular Development

Broken Access Control

  • Deep dive into Broken Access Control
  • Implementing secure authorization in Angular
  • Securing routes and services in Angular

Injection

  • SQL, Template and HTML Injection vulnerabilities
  • How to identify and mitigate XSS and CSRF vulnerabilities
  • Angular best practices to prevent Injection vulnerabilities
  • Hands-on: DOM Cross-Site Scripting and Content Security Policy

Insecure Design

  • Introduction to Insecure Design
  • Designing Angular applications with security in mind
  • Hands-on: Applying design patterns for secure Angular applications

Security Misconfiguration

  • Common Angular security misconfigurations
  • Secure deployment practices for Angular apps
  • Hands-on: UI Redressing vulnerabilities

Vulnerable and Outdated Components

  • Risks associated with using vulnerable components
  • Managing dependencies in Angular projects
  • Hands-on: Outdated Package Causes Vulnerability in Angular

Identification and Authentication Failures

  • Securely managing user identities and authentication sessions
  • Maintaining state after authentication in Angular, OAuth 2.0 Best Practices
  • Hands-on: Dangerous Open Redirect in Post-Login Navigation

Security Logging and Monitoring Failures

  • Importance of logging and monitoring for security
  • Implementing effective monitoring in Angular applications

Format: The course combines theory and hands-on practical exercises. Participants learn to identify vulnerabilities in a purposely-developed .NET application and fix them using secure coding best practices. This provides an ideal ‘real-life’ opportunity to exploit these vulnerabilities using different open-source tools and techniques in a safe environment.

Duration: 1 day (8 hours)

Attendee Profile

The course is designed for:

  • Angular Developers
  • Web Developers transitioning to Angular
  • Security Professionals with an interest in web application security

Course Materials and Resources

  • Lecture slides and supplementary notes
  • Practical coding exercises with solutions
  • Additional resources for further learning
Course Curriculum

Graded: Secure Coding in Angular
1 Question