Computer security talks are too often filled with theoretical computer scientists telling us about how the end is nigh. Don’t get me wrong, I love knowing the nitty details of cryptographic algorithms, but a whole lot of web developers don’t.
https://leaddev.com/technical-direction/practical-web-security