I'm trying to dive into SaaS security and I'm on the lookout for some solid courses, YouTube videos, or articles that cover the topic in depth. I'm eager to learn as much as I can, but I'm not sure where to begin. I came across a comment that emphasizes the importance of not communicating directly with any vendor services from the front end for security reasons, as well as the need for flexibility in replacing services without heavy refactoring. This principle also applies to backend architecture, advocating for interface wrappers to simplify future updates when replacing external services. If anyone has good resources to help me kickstart my learning, I would really appreciate it!
1 Answer
Have you tried the OWASP Juice Shop? It's a purposely insecure web app that you can attempt to hack. Watching YouTube videos of people tackling it can give you a good perspective on the strategies hackers use, which might help you assess the security of your own applications.
Cool! I'll take a look. Thanks!