[semicolondev]

If you can identify you're writing insecure code or building insecure apps you are just being lazy to do it proper way. Web security IMO isn't about learning a new thing, these are concepts that are part of the development flow.

Good resources to start with:

OWASP Top Ten Project https://goo.gl/yv6D4t

OWASP REST Security Cheat Sheet https://goo.gl/93VPKD

[panorama]

Thanks for the resources. Not sure if calling me lazy is fair, I don't know what I don't know, but I'm almost certain my code isn't 100% bulletproof. Not because I see something blatantly broken and just decide not to fix it.