[panorama]

Web security because I'm a web developer who definitely builds unsecure applications. Unfortunately (and incorrectly, IMO) the full stack dev market doesn't really value security too much as it pertains to marketable job skills. For instance, I spend my time improving my Javascript skillset which has a greater impact on my bottom line at the moment.

[semicolondev]

If you can identify you're writing insecure code or building insecure apps you are just being lazy to do it proper way. Web security IMO isn't about learning a new thing, these are concepts that are part of the development flow.

Good resources to start with:

OWASP Top Ten Project https://goo.gl/yv6D4t

OWASP REST Security Cheat Sheet https://goo.gl/93VPKD

[panorama]

Thanks for the resources. Not sure if calling me lazy is fair, I don't know what I don't know, but I'm almost certain my code isn't 100% bulletproof. Not because I see something blatantly broken and just decide not to fix it.