Web Security Fundamentals

Learn (and apply!) concepts that 99% of developers struggle with!

Concise hands-on course + tons of bonuses! 🤩

In this course, you will...

✔️ Learn about the most important Web security principle that dictates how browsers run the websites (Same-origin policy rules them all!),

✔️ Understand the reason behind CORS errors (yes, yes - this infamous No Access Control Allow Origin headers is present error!),

✔️ Build a standard cross-site scripting attacks prevention shield (yes, there is a standard way to prevent XSS),

✔️ Set up reporting features to catch attack attempts (yes, there are also standards for that!),

✔️ Create integrity checks on external scripts (again, to eliminate the risk of XSS attacks!),

✔️ Learn much more with the included bonuses! 😍

Practical coding laboratories

You will see the concepts applied in practice in dedicated laser-focused coding labs and play with them on your own

In-depth theory explanations

You will learn about all the WHATS and WHYS behind the presented concepts to have the crystal-clear understanding

Understand Web security model

Get confidence in building applications diving deep into the Web security model 🌐

  • Understand the lurking dangers and risks
  • Lock the website content with build-in policies
  • Relax restrictions only when necessary
  • Develop with maximum security and peace of mind

Play with real code examples

Gain total clarity with LABS presenting underlying concepts with practical examples (see it in action)

  1. Watch the explanation videos
  2. Download source code
  3. Run the examples
  4. Hit DevTools to analyze in-depth
  5. Apply in your projects

Protect your customers

Hackers are trying to break into Web-based systems over the Internet on daily basis. Unfortunately, when security is neglected they often succeed.
That results in significant financial losses, not to mention reputation damage for the companies. 😵
Step ahead and become a security hero! 🦸‍♂️


just €37 💥

What Academy students say

Opinions of my students from the Web Security Academy

Alex, Spain

"I am really impressed with the quality of the materials in the Academy. The content is designed in an easy-to-consume fashion and focuses on important aspects."

Gérôme, France

"With Web Security Academy, I found out a great opportunity to learn about security in-depth both on client and server sides."

David, Germany

"The content did not disappoint me and I learned exactly the things I needed to develop in this area. Good Job Bartosz!"

My work has an Excellent rating on TrustPilot
(click to check 👆)



Ultra-secure role-based access control in Angular & Node


  • ​​​​​​​The case of role-based application in the real world
  • Domain modeling for multi-user account system
  • Managing user permissions and roles efficiently
  • Designing a secure backend REST API for roles
  • Using UserAuth object to manage active sessions
  • Router Guards, Interceptors & Node Middlewares
  • Conditional UI components visibility HACK 🎃
  • BONUS: 7 must-know steps to making modern web applications secure as medieval strongholds! 🏰
  • Real-life DEMO and Q&A session 💬

Clickable PDF Web Application Security Checklist 📝

20 checkpoints helping to secure your web applications

Certificate of Graduation

Closed Slack community access 👻

Ask questions and build meaningful interactions with other students worldwide inside the exclusive Slack community

Bartosz Pietrucha


  • Taught thousands of developers worldwide
  • Holds a Master's degree in Computer Science
  • Spoke at conferences like AngularUP, ngVikings, NG-Colombia, JSConf.be, HolyJS and more
  • Worked for companies like Credit Suisse, UBS, F-Secure, Tecnotree building enterprise software
  • Runs WebSecurity Academy program

Lifetime access


just €37 💥

Get unlimited access to your learning materials and join the passionate community 🤩



The materials are designed to give you 10x more value than you expect. But, if for whatever reason you will not be satisfied, then you can write an email within 30 days since your purchase to [email protected] and I will give you the money back.

My goal is to help you and give as much value as possible.


This training is for developers who want to understand the WHAT, WHY, and HOW, instead of copy-pasting the code snippets from StackOverflow.

If you expect some dirty hacks or shortcuts, you will not find them here!

Tame the Web security model and build ultra-secure applications that hackers can't even touch!

Got Questions?

Feel free to email me at

[email protected]