Who This Course Is For?

This course is intended for the everyday software engineer that develops web applications.

Most of us prefer to spend our time reviewing interesting repositories on GitHub or skimming through a Google developer advocate’s Twitter feed to find cool announcements. Few of us spend time focusing on the boring parts of web development like hardening HTTP cookies with the correct flags.

Truth be told, security is as rewarding as writing code. When it works, you should celebrate your approach and start a round of high-fives with your colleagues.

Software engineers, students, and non-web software engineers

Besides the everyday software engineer, this course is an interesting read for a few other folks:

  • Students or novice programmers. This course will cover technical aspects without digging too deep: we’ll talk about HTTPS, but there’s no need to deep-dive into how the Diffie-Hellman key exchange algorithm works.
  • Non-web software engineers: This course will prove to be an interesting introduction to security on a platform you seldom work with.

This course assumes the average reader has a basic knowledge of web technologies such as browsers, HTML, and JavaScript. You will not need to know the difference between var and let, but rather how scripts are loaded and executed when a browser renders a web page.

In the next lesson, we’ll talk about how this course is formatted.