Hagay has been busy building software for the past 15 years, and still enjoys every bit of it (literally)! He engineered and shipped products across various domains: from 3D cardiac imaging with real time in-vessel tracking, through semi-conductors fab systems that measures structures the size of molecules, and up to web apps that scale to millions of users world wide.
He is currently an Engineering Leader at AWS, working on AI and Deep Learning.
Web applications, be they thin websites or thick single-page apps, are notorious targets for cyber-attacks. In 2016, approximately 40% of data breaches originated from attacks on web apps — the leading attack pattern. Indeed, these days, understanding cyber-security is not a luxury but rather a necessity for web developers, especially for developers who build consumer-facing applications.
HTTP response headers can be leveraged to tighten up the security of web apps, typically just by adding a few lines of code. In this article, we’ll show how web developers can use HTTP headers to build secure apps. While the code examples are for Node.js, setting HTTP response headers is supported across all major server-side-rendering platforms and is typically simple to set up.