Ramona Schwering

A cryptic videotape haunting its viewers, a shape-shifting entity haunting a research station, or an astronaut unknowingly carrying an alien onto a spaceship —do these scenarios sound familiar? These horror movie plots share similarities with scenarios in web security you have already encountered.Join me on a chilling journey through web security as we explore the most common vulnerabilities through the lens of horror movies. From the sinister injection flaws reminiscent of "Alien" to the terrifying specter of broken authentication akin to "Unfriended". But don't worry, we'll also shed light on solutions in web development, turning these security nightmares into tales of triumph. If you dare, join us and learn how to conquer the darkness invited by your web applications.

Web security is crucial in a constantly evolving environment where potential threats are always present. To better understand this concept, we can imagine our web application as a garden or a home that needs to be protected from possible attacks. We can draw parallels with the popular game "Plants vs. Zombies," which aims to safeguard your garden from intruders.

Our automated tests function as diligent guardians whose primary objective is to identify and address potential vulnerabilities, much like the diverse plant arsenal in the game. Instead of framing the security process as a never-ending fight, we will explore how automated tests act as defenders against possible issues, whether they are zombies or intruders. Next to an overview of tools you can utilize, we emphasize the importance of fundamental testing types, such as unit or end-to-end tests, in securing your digital garden.

This is my draft slide deck: https://speakerdeck.com/leichteckig/plants-vs-thieves-automated-tests-in-the-world-of-web-security. I'm thinking about replacing the code snippets with videos or live coding.

After my session, the Attendees will better understand the tools to choose from. However, there are other focuses than this - I'd like to highlight how to ensure web security by using fundamental testing types like unit or End-To-End tests to keep the maintenance and learning curve low. A nice side effect will be the showcase of common security threats by seeing the tests used to catch them. 
- The attendee will learn an overview of the tools you choose from
- The Attendee will explore options to use test automation to improve web security without the need for new dependencies

This talk is rather framework-agnostic. However, Testing and Security are highly relevant topics for the React community, as both secure a high-quality application and protect users and features. Security is essential, especially nowadays. My talk combines Security and Testing. Both can be daunting, too, so I'd love to help the viewers build their applications securely. 

In today's world, prioritizing your application's security is crucial. All the data stored in it should be kept safe and protected, just like the inhabitants of a fortress that rely on high walls for their defense. However, history and movies have shown that even the most robust walls can't withstand an attack if weak points can be exploited. This is also true for VueJS applications.
Join me for a concise, practical session on fortifying your Vue.js apps against security threats and implementing best practices.

In the ever-evolving landscape of modern single-page applications, VueJS stands out but also presents us with challenges. Among them, authentication is crucial: ensuring the user's identity and securing their journey within your application. Fear not; we're here to guide you through these exciting frontiers. In my session, I'll unravel the secrets of authentication in VueJS applications, making it a delightful learning journey for everyone while keeping the focus on the most critical parts. I'll provide an overview of an authentication flow, break down each step, and demystify the role of JWT tokens in the process. 
Whether you're a seasoned VueJS developer or just getting started, you're welcome. A dash of prior experience with user authentication certainly doesn't hurt, but it's optional. 
Target audience: Web Developers of all levels who want to learn about security topics and best practices.
Key learnings:- Giving a small introduction to the most essential terms and concepts of Authentication;- VueJS is used as an example, but the concepts will be agnostic.

Automated performance testing can help detect the harmful effects of code changes on application performance. Learn how to use tools like Lighthouse and Web Core Vitals in your CI and set performance thresholds to maintain optimal frontend performance in this session.

Visual testing compares the appearance of your application with a previous state. If changes become visible, you can allow them or not. So you or your testers have their eyes everywhere - without needing to check manually repeatedly. I've been using visual testing for a while, saving my neck a few times. Let's look at my journey together and explore if and how visual testing can also help your projects.

It’s a trap” - a call or feeling we all might be familiar with, not only when it comes to Star Wars. It’s signalizing a sudden moment of noticing imminent danger. This situation is an excellent allegory for an unpleasant realization in testing. Imagine having the best intentions when it comes to testing but still ending up with tests failing to deliver you any value at all? Tests who are feeling like a pain to deal with?
When writing frontend tests, there are lots of pitfalls on the way. In sum, they can lead to lousy maintainability, slow execution time, and - in the worst-case - tests you cannot trust. But it doesn’t have to be that way. In this session, I will talk about developers’ common mistakes (including mine), at least from my experience. And, of course, on how to avoid them. Testing doesn’t need to be painful, after all.