Angular Academy

Enterprise Security

12-week effective learning program

Learn all you need about full-stack Web Security and implement a role-based enterprise-grade authorization in Angular and REST API

 
Join the Program
Registration closes July 8, 2020 in
0
Days
0
Hours
0
Minutes
0
Seconds
By the end of this program, you will...
Have a solid understanding of the Web Security model
Know Web Security vulnerabilities and prevention methods
Implement a role-based authorization system in real-life application
Know how to secure Angular application and backend API in Node
Who is the Academy for?
Every level Angular developers (from juniors to seniors) willing to double down on their software security skills!
New to Angular? 🚀 Don't worry!
You have 5 weeks to catch up with Angular - the first 5 modules are framework agnostic - we cover Web Security topics!
Taking the official Angular tutorial will give you enough skills to benefit from the Academy.
Academy Agenda
1
The big plan
  • Welcome lesson
  • The big goal
  • Program structure and topics
  • What you need
  • Training outcomes
  • Homework
2
Web Security model
  • Same-origin policy
  • Cross-origin resource sharing
  • Content Security Policy
  • Reporting in Content Security Policy
  • Hashes and nonces
  • Subresource integrity
3
Client vs. server security
  • Client-side securityFREE
  • Server-side security
  • HTTPS Communication
  • Tokens vs. sessions
  • When to use tokens?
  • When to use sessions?
4
Security vulnerabilities
  • OWASP Top 10 FREE
  • Cross-site scripting
  • Cross-site request forgery
  • JWT Hacking FREE
  • Other web applications attacks
5
Application architecure
  • Role-based access control design
  • Application architecure
  • Authentication vs. authorization
  • Secured Angular parts
  • Secured API
  • Node.js application setup
6
Core features implementation
  • Login feature in Angular
  • Login feature in Node
  • Sign up feature in Angular
  • Sign up feature in Node
  • Router Guards
  • Http Interceptors
7
Client security implementation
  • Content Security Policy
  • XSS prevention
  • CSRF prevention
  • HttpOnly and Secure Cookies
  • UserAuth object
  • Conditional components visibility
8
API security implementation
  • Working with sever-side session
  • Logging access and application events
  • Throttling failed logins
  • Input sanitization and validation
  • Two vectors of authorization
  • Preventing requests without the proper ownership or role
  • Setting up CORS
9
Roles and account management
  • Adding a new user to an account
  • Confirming a new user for an account
  • Password recovery
  • Managing active sessions
  • Removing logged users
10
External authentication
  • Resource Server (Service Provider) and Authorization Server (Identity Provider)
  • Understanding different OAuth flows
  • Authorization Code Flow + PKCE
  • Using OpenID Connect (OIDC)
  • Implementing two-factor authentication (2FA)
11
External user management
  • Federated identity management (FIM)
  • Social login and Single sign-on (SSO)
  • FIM providers comparison
  • Using a cloud vs. on-premise
  • Implementing FIM integration
  • OAuth/OIDC security risks
12
GDPR and legal guide
Created with a lawyer
  • Personal data intro for developers
  • What you MUST do for legal compliance
  • Privacy Policy
  • Terms and Conditions
  • GDPR and regulations around the World
  • Using cookies and consent
Homework after each module
Show full agenda
Academy Schedule
Monday
June
29
Tuesday
June
30
Wednesday
July
1
Registration starts
Thursday
July
2
Registration
Friday
July
3
Registration
Saturday
July
4
Registration
Sunday
July
5
Registration
Week 1 - The big plan
Monday
July
6
Registration
Tuesday
July
7
Registration
Wednesday
July
8
Registration closes
Thursday
July
9
Live call
at 5 PM GMT
Friday
July
10
Module 2
released
Saturday
July
11
Time to study
Sunday
July
12
Time to study
Week 2 - Web Security Model
Monday
July
13
Time to study
Tuesday
July
14
Time to study
Wednesday
July
15
Time to study
Thursday
July
16
Live call
at 5 PM GMT
Friday
July
17
Module 3
released
Saturday
July
18
Time to study
Sunday
July
19
Time to study
Week 3 - Client vs. server security
Monday
July
20
Time to study
Tuesday
July
21
Time to study
Wednesday
July
22
Time to study
Thursday
July
23
Live call
at 5 PM GMT
Friday
July
24
Module 4
released
Saturday
July
25
Time to study
Sunday
July
26
Time to study
Week 4 - Security vulnerabilities
Monday
July
27
Time to study
Tuesday
July
28
Time to study
Wednesday
July
29
Time to study
Thursday
July
30
Live call
at 5 PM GMT
Friday
July
31
Module 5
released
Saturday
August
1
Time to study
Sunday
August
2
Time to study
Week 5 - Application architecure
Monday
August
3
Time to study
Tuesday
August
4
Time to study
Wednesday
August
5
Time to study
Thursday
August
6
Live call
at 5 PM GMT
Friday
August
7
Module 6
released
Saturday
August
8
Time to study
Sunday
August
9
Time to study
Week 6 - Core features implementation
Monday
August
10
Time to study
Tuesday
August
11
Time to study
Wednesday
August
12
Time to study
Thursday
August
13
Live call
at 5 PM GMT
Friday
August
14
Module 7
released
Saturday
August
15
Time to study
Sunday
August
16
Time to study
Week 7 - Client security implementation
Monday
August
17
Time to study
Tuesday
August
18
Time to study
Wednesday
August
19
Time to study
Thursday
August
20
Live call
at 5 PM GMT
Friday
August
21
Module 8
released
Saturday
August
22
Time to study
Sunday
August
23
Time to study
Week 8 - API security implementation
Monday
August
24
Time to study
Tuesday
August
25
Time to study
Wednesday
August
26
Time to study
Thursday
August
27
Live call
at 5 PM GMT
Friday
August
28
Module 9
released
Saturday
August
29
Time to study
Sunday
August
30
Time to study
Week 9 - Roles and account management
Monday
August
31
Time to study
Tuesday
September
1
Time to study
Wednesday
September
2
Time to study
Thursday
September
3
Live call
at 5 PM GMT
Friday
September
4
Module 10
released
Saturday
September
5
Time to study
Sunday
September
6
Time to study
Week 10 - External authentication
Monday
September
7
Time to study
Tuesday
September
8
Time to study
Wednesday
September
9
Time to study
Thursday
September
10
Live call
at 5 PM GMT
Friday
September
11
Module 11
released
Saturday
September
12
Time to study
Sunday
September
13
Time to study
Week 11 - External user management
Monday
September
14
Time to study
Tuesday
September
15
Time to study
Wednesday
September
16
Time to study
Thursday
September
17
Live call
at 5 PM GMT
Friday
September
18
Module 12
released
Saturday
September
19
Time to study
Sunday
September
20
Time to study
Week 12 - GDPR and legal guide
You can learn solo - live calls are optional (but very helpful 🔥)
What is included in the Academy?
WORTH
$1199
12-week learning program - video lessons
WORTH
$2399
12 LIVE group coaching sessions
WORTH
$399
GDPR and legal guide
WORTH
$299
Joint-work group on Slack
WORTH
$199
All the recordings from coaching sessions
WORTH
$99
List of authorization libaries
WORTH
PRICELESS
Life-time access to the materials
(with all future updates) 🔥
The whole package of $4594 value
ONLY $499
LIFETIME MEMBERSHIP
Pay once and get a lifetime access to all lessons and content from all the future Academy editions.
What others say?
I am really impressed with the quality of the materials in the Academy. The content is designed in easy to consume fashion and focuses on important aspects. Also, it is very valuable to learn together with other developers over an extended period of time. I really recommend this kind of online training.
Alex G.
Developer and author, Spain
The course is really well built. It first guides you through the ways a SPA can be vulnerable and the ways those vulnerabilities can be fixed, then it teaches you how to implement those protection mechanisms with angular, without getting stuck on general development questions too much. It even shows the backend parts of those protection mechanisms. After completing the course I feel confident that I can protect the webapps I develop.
Alex B.
Web Developer, Hungary
If you are looking for a course to take you from just a front-end developer to a full-stack Angular/Node.js, then this is it. I have been an Angular contractor for a couple of years now and still learned some valuable tips for the front-end but the back-end has been invaluable to me for understanding how to build a highly secure full-stack application. The teacher is always there to help and really does care about you achieving the best from the course. He takes time to explain concepts in excellent weekly meetings where you will meet a great bunch of developers from all around the world and bounce new ideas off each other. Far better than the other Angular security courses I have taken in the past.
Rich W.
Developer, UK
Angular Academy is a great place to learn new skills or increase your current. The instructor is very kind and has a goal that you understand all the content, so there's a Community (Slack) that you'll be a part of so you can ask questions (or help answer them), talk personally with the instructor, and get to know the other students. One thing I really like about this course is that it's paced over a certain amount of time. You won't be overwhelmed with On-Demand videos, although later you'll have on-demand access forever, which also nice! Overall, I give this 5 out of 5 stars!
Kenny H.
Full-stack developer, USA
Bartosz brings in-depth knowledge and experience in Angular enterprise development. He gives tremendous value to the Angular community.
Brad Green
Engineering Director for Angular in Google
Bartosz's Angular training was probably the best I've attended so far. He always tried to explain everything in the way when both novice and experienced developer could understand it, but at the same time he spent not too much time on simple things - probably that balance was the most important personally for me.
Pavlo Baukov
Java developer
Bartosz is a able to conduct trainings with a great professionalism. I've attended his training on Angular and found it very useful, as Bartosz in a limited time frame provided both theoretical knowledge and practical exercises and eventually helped me to delve into front end web development.
Anton Danylov
.NET Team Lead
Recently I've participated in a training conducted by Bartek. I would say he is a very talanted trainer with individual approach to every student.
Andrii Tkach
Senior .NET developer at Luxoft
I've attended Bartosz's training for Angular 2 and want to say, that it is one of the best trainings I've visited. Bartosz kept us all the time focused on tha task and everybody was involved in the process. Four days past like a minute and I had a feeling, that I want to stay and continue learning. And at the same time we were able to cover a lot of topics and Bartosz gave us a direction for further learning.
Oleksandr Vorovchenko
Senior Frontend Developer
I had a true pleasure to attend a training led by Bartosz. Right away I was positively surprised with the level and attitude. Bartosz not only knows by heart the stuff he teaches, but really likes what he does. He was keen to answer all questions and also helped with practical excercies. He had everything under control. The ratio between theory and practical tasks was just right.
Jakub Niemyjski
Senior .Net Developer
Show more testiomials
Risk-free guarantee
The materials are designed to give you 10x more value than you expect. But, if for whatever reason you will not be satified, then you can write an email within 30 days since your purchase to bartosz@angular-academy.com and I will give you money back.
My goal is to help you and give as much value as possible.
Frequently Asked Questions
When does the registration start and end?
The registration starts 01.07.2020 and ends 08.07.2020 sharp at 8 PM GMT. After this time, it will not be possible to join the program. Although, there will be a waiting list open for the next edition of the program.
Why can't I join during the program?
The program is designed in such a way that all participants who started at the same time are progressing equally through it. Then, every participant will get the most out of the training.
Can I pay for the participation, but take part in the next edition?
Yes. Even more. You can take part in this edition and all of the next editions - free of additional costs.
How will the program be delivered?
The video lessons will be hosted on Teachable.com. The coaching sessions will be delivered via Zoom.us. Discussions will be held over closed Slack workspace.
Will I receive all the materials at once?
No. The Academy lasts for 12 weeks. In order for you to get the most of the program and facilitate joint-working with other students, each module is scheduled for one week. You will receive an access to the materials in each module every consecutive week, starting 01.07.2020.
When are the live coaching sessions going to be held?
To solve all the problems and answer the questions in the learning process, every week during the Academy, there will be a live coaching session (online class) organized for all the students.
How long do I have the access to the materials of the program?
You receive a life-time access to the program. It also means that if the course is extended with the new modules in the future, you will have the access to it, without any additional costs.
Do you provide any guarantee?
Yes, I do. Angular Academy offers 30 days money-back guarantee. If you don't find the program fitting your needs after 30 days of your purchase, you can ask for the refund - you just send an email to bartosz@angular-academy.com and you will receive your money back.
I don't have time to take such a comprehensive program. Is it for me?
In order to take advantage of the program you have to invest at least 1 hour a week. The materials are going to be concise and concrete to maximize the learning and minimize the time needed for it.
Will the price of the program rise?
Yes, it will rise in the future. The program is going to be improved and updated according to the participants needs.
Your teacher
  • Taught hundreds of developers around the World
  • Spoke at conferences like AngularUP, ngVikings, NG-Colombia, JSConf.be, HolyJS and more
  • Worked at companies like Credit Suisse, UBS, F-Secure, Tecnotree building enterprise software
  • Writes technical articles about full-stack Angular development
Bartosz Pietrucha
Angular Academy Founder
Supported by mentors in our Slack community
Is there another way?
Of course! You can be learning on your own, googling, writing questions on StackOverflow, etc. But it takes a lot of time...

What I am offering you is a MASSIVE shortcut in a supportive learning enviroment. Take a look at what Ales said.
Don't miss the deadline!
Join the Program
0
Days
0
Hours
0
Minutes
0
Seconds