Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
Let's talk about what we mean by security in this course and what we'll cover.
This video doesn't have any notes.
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
[MUSIC]
0:00
Hi, I'm Kenneth, one of the biggest
challenges we all have as developers,
0:04
is making sure that we
keep our users secure.
0:08
Most users expect us as the people
making the software they use every day,
0:11
to keep them secure in two specific ways,
the data they send to us and
0:14
each other shouldn't be snooped on, and the data they
store with us should be read only by us.
0:18
We also have one other area we definitely
need to be concerned with, and
0:23
that's preventing attacks, or minimizing
any damage done by those attacks.
0:26
How many of us have had their email
address or password leaked from an attack?
0:31
I bet every single one
of you nodded just then.
0:34
Security, as you may or
0:37
may not be aware, is a very rapidly
shifting part of our world.
0:38
New forms of attacks spring up everyday.
0:42
Old best practices are found to be
vulnerable due to advances in hardware And
0:44
other developers, and companies,
find better ways to keep information safe.
0:47
Since this is such
a rapidly evolving area,
0:51
I won't be giving you
specific code to use.
0:53
Instead, I'll be sharing effective tools,
approaches, and resources.
0:55
You can use these as a jumping off
place for your own research and
0:58
implementations in your language or
framework of choice.
1:01
Yeah, I know it sounds like
I'm just giving you homework.
1:04
But wouldn't you rather do that research
than implement something now and
1:06
ignore it for
a year until it's compromised, and
1:09
you have to tell your customers that
the passwords have been leaked.
1:10
Yeah, I'd rather do the googling too.
1:13
To save you some time, though, be sure to
check the teacher's notes in each video,
1:15
where I'll be putting links
to resources online and
1:18
here at Treehouse to help you on your way.
1:20
There are many different attack vectors
that you may need to be worried about.
1:23
Especially when dealing
with storing data and
1:26
enabling communications
between your users.
1:28
The ones we're going to
cover in this course are.
1:30
Hashing to keep secrets from everyone and
to verify content.
1:32
Encryption to keep sensitive data
locked away from unauthorized eyes.
1:36
Identifying and validating users.
1:39
What data you should not store and more.
1:41
This is a vast topic area.
1:45
Security and data security both.
1:46
So we can't hope to cover
everything in just one course.
1:48
As we go through this course I'll point
out places where other teachers or
1:51
myself will cover topics
in greater detail.
1:54
Either because they're just too big and
demand a course of their own or because
1:56
they're addressed in specific ways in each
language framework Another thing we will
1:59
be talking about is risk assessment and
management and reducing your tax services.
2:03
Knowing where you're likely to be
attacked is a great first step to
2:07
making sure your data and
communications are safe as possible.
2:10
One of the roles l try to defy as
customer security is concerned,
2:14
is that am not being paranoid enough.
2:17
Now, this doesn't mean I walk around with
a tin foil hat on or anything like that.
2:19
But just a general awareness that anything
that can be used to attack a system
2:22
will eventually be used to attack it.
2:26
But the cool thing is if you
know an attack can happen
2:27
you can take steps to prevent it.
2:30
Yeah you're worried about lots of things
but you can also be empowered and
2:31
confident that you're
taking steps against them.
2:34
On that note let's get started
by talking about risks.
2:37
You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up