Security is every developer's responsibility. This hub explores secure coding, authentication, common vulnerabilities, and practical security patterns — the defenses that keep applications and their users safe.
59 articles · Updated June 23, 2026
You don't need to be a penetration tester to write secure code — but you do need to know how the common attacks work.
Hand-picked and latest articles from this topic.
Beginner-friendly guides to help you learn the fundamentals.
Plain-English explainers for core concepts related to this topic.
Two-factor authentication adds a second verification step beyond your password, making accounts much harder to compromise.
Read guideA firewall monitors and filters network traffic based on security rules, acting as a barrier between trusted and untrusted networks.
Read guideCross-site scripting is an attack where malicious scripts are injected into trusted web pages and run in other users' browsers.
Read guideHashing converts data of any size into a fixed-length fingerprint that can't be reversed, used for integrity checks and password storage.
Read guideEncryption scrambles data using a key so only authorized parties can read it, protecting information in transit and at rest.
Read guideSQL injection is a security vulnerability where attackers inject malicious SQL code, preventable with parameterized queries.
Read guideCurated tools, docs, and communities worth bookmarking.
Quick answers about this topic hub.
Validate and sanitize all input, use parameterized queries to prevent injection, hash passwords properly, keep dependencies updated, and never trust the client. The OWASP Top 10 is the standard starting point.
It's a regularly updated list of the most critical web application security risks — things like injection, broken authentication, and misconfiguration. It's the industry's go-to checklist for prioritizing defenses.
Never store them in plain text. Use a slow, salted hashing algorithm designed for passwords such as bcrypt, scrypt, or Argon2. Better still, offload authentication to a trusted provider when you can.