• Trainings
  • Blog
  • Talks
  • Team
  • About us
  • Contact
  • Search
  • Menu Menu
Get in touch

Angular Security

Remote or In-house | German & English

Trainer

Martina Kraus has been active in the world of web development since her early years and has become an expert in the field of web security over the years. As an Application Security Engineer, she focuses on integrating security best practices into all phases of software development. In her role as a Google Developer Expert (GDE), she also loves to spread knowledge about web security at national and international conferences, regularly organizes ngGirls events (free Angular workshops for women) and the German Angular conference NG-DE.

Offering Solutions Software - Fabian Gosebrink - Angular, .NET, Java & Agile
Duration2 Days
LevelIntermediate
LocationRemote or Inhouse
LanguageGerman & English
Get in contact

Dieser Kurs behandelt die Grundlagen der Websicherheit, einschließlich Einführung, Same-Origin-Policy und Cross-Site-Resource-Sharing, Konfiguration von Browsersicherheitsmechanismen, Umgang mit bösartigem JavaScript, Einführung in Cross-Site-Scripting (XSS), XSS-Abwehr in Angular, Verwendung von Trusted Types, Einsatz der Content Security Policy (CSP), sichere Frontend-Architekturen, Sandboxing nicht vertrauenswürdiger Inhalte, architektonische Sicherheitsmuster, Sicherung von Tokens im Browser, erweiterte OAuth 2.0/2.1 Sicherheit, Sicherheitsbegrenzungen von OAuth 2.x in Frontends, Einführung in das Prüfen auf Schwachstellen und Nutzung manueller sowie automatischer Werkzeuge zur Sicherheitsanalyse.

Topics

Einführung

  • Same Origin Policy und Cross Site Ressource Sharing
  • Konfigurieren von Browsersicherheitsmechanismen 
  • Umgang mit bösartigem JavaScript

Einführung in Cross-Site Scripting (XSS)

  • XSS-Abwehr in Angular / DomSanitizer
  • XSS-Fallen in Angular 
  • Verwendung von Trusted Types mit Angular

Einsatz der Content Security Policy (CSP)

  • Einführung in die CSP 
  • Häufige Sicherheitsfehler in CSP-Richtlinien 
  • CSP für Angular bereitstellen 
  • CSP in der Praxis 
  • Sichere Frontend-Architekturen

Sandboxing nicht vertrauenswürdiger Inhalte

  • Architekturelle Sicherheitsmuster 
  • Sicherung von Tokens im Browser 
  • Erweiterte OAuth 2.0/2.1 Sicherheit

Häufige OAuth 2.x und OIDC-Bereitstellungsmuster

  • Sicherheitsbegrenzungen von OAuth 2.x in Frontends 
  • Sicherung von Frontends mit einem Backend-For-Frontend (BFF)
  • Sicherheitsempfehlungen für die Verwendung von OAuth 2.x in  Angular

Einführung in das Prüfen auf Schwachstellen einer Webanwendung

  • manuelle und automatische Werkzeuge
  • statische und dynamische Analyse zum Scannen auf Sicherheitslücken
Book now

“Bester Kurs den ich bis jetzt hatte.”

Feedback Angular Advanced

“Diese Schulung war definitiv eine der besten, die ich bislang besuchen durfte.”

Feedback Angular Advanced

“Die Schulung war hervorragend!”

Feedback Angular Advanced

“Obwohl es ein Kurs für Fortgeschrittene war, konnten auch Anfänger gut folgen.”

Feedback Angular Advanced

“Obwohl es ein Kurs für Fortgeschrittene war, konnten auch Anfänger gut folgen.”

Feedback Angular Advanced

“NgRx Konzept sehr gut erläutert.”

Feedback Angular Advanced

“Sehr gut auf unsere Bedürfnisse eingegangen.”

Feedback Angular Advanced

“Exkurse und detaillierte Erklärung oder Wiederholung, wo notwendig.”

Feedback Angular Advanced

“Wir […] konnten direkt im Kurs den aktualisierten Code pullen und selbst ausprobieren.”

Feedback Angular Advanced

“Man spürt deutlich, dass Fabian sich aktiv & professionell mit Angular auseinandersetzt, nicht “nur” darüber doziert!”

Feedback Angular Advanced

“Fabian verfügt über ein sehr umfangreiches praktisches Wissen.”

Feedback Angular Advanced
PreviousNext
Book now

Also interesting

ANGULAR ARCHITECTURE WITH NX WORKSHOP

See more

Angular Testing Workshop

See more

Newsletter

Only the latest articles and announcements.
No spam. Promised.

Kontakt

What else?
Just click and say hello

E-MAIL
mail (at) offering.solutions

ADRESSE
Offering Solutions Software GmbH
Haldenstrasse 3
8357 Aadorf

SOCIAL

 
 

© 2025 Offering Solutions Software GmbH. | Impressum

Web & Grafikdesign von Ameisenhaufen.at

Scroll to top
Cookie-Manage consent
We use cookies and similar technologies (tracking pixels), as far as this is technically necessary for the provision of our services (e.g. language settings), as well as to the extent that you have given your consent to the processing (e.g. analysis and marketing cookies).

With these cookies, personal data is processed by us and by third parties (some of which are also based in the USA). The USA is not certified by the European Court of Justice as having an adequate level of data protection. There is a risk in particular that your data may be subject to access by US authorities for control and surveillance purposes, and that there will be no effective legal remedies available. By clicking on "Accept All", you agree that cookies may be used by us and by third parties (even in the USA). With the exception of the absolutely necessary cookies, which serve the proper functioning of the website and are not selectable, you can deselect the cookies for statistics and marketing.
Functional Always active
The technical storage or access is absolutely necessary for the lawful purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of transmitting a message over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access, which is used solely for anonymous statistical purposes. Without a subpoena, the voluntary consent of your internet service provider, or additional records from third parties, the information stored or accessed for this purpose alone can generally not be used to identify you.
Marketing
The technical storage or access is required to create user profiles, to send advertising or to track the user on a website or across multiple websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}