Laravel Additional Security

This course focuses on ways to keep your Laravel database secure. It starts with supporting request and response security. First, we’ll discuss how Laravel supports semantic request verbs while still being compatible with browsers. Then, tools to protect against cross-site request forgery and cross-site scripting protection are examined. Then it describes the best practices for applying specific security-related headers to responses are reviewed. We then move on to the two types of scanning tools that can be used on a Laravel application: developer code-scanning tools and hacker attack tools. In this course, we talk about what tools you should run to scan your code and configuration for security holes and vectors of attack. Additionally, we discuss other tools that a bad actor might use against your website, so you can learn to use them against yourself first and protect yourself proactively. This course also covers two ways of interacting with bad actors: honeypots and tripwires. Tripwires, functionality that matches a specific restricted access and then actively alerts or blocks access, are discussed and demonstrated. Honeypots, functionality attached to the app to monitor suspected bad activity and report on it later, are also reviewed. Closing out this learning path, we’ll talk about what next steps to take to secure your Laravel application and stay connected with the community. You’ll learn how to stay in the know and see what new security weaknesses are out there and whether you’re affected. e.g. This is primarily aimed at first- and second-year undergraduates interested in engineering or science, along with high school students and professionals with an interest in programming.