WebRTC Security & Privacy Essentials

Current Status

Not Enrolled

Price

$400

Get Started

Take this Course

This course is work in progress.

You can purchase it now. You will be getting:

Whatever lessons got recorded already (half the course is available already)
The ebook, which has in it all the suggestions and best practices as well

During this period, the price is reduced by 35% and the time you’ll have the course accessible to you would be a year from the moment it gets fully published.

Course Content

Expand All

Introduction

Signaling 5 Lessons

Expand

Module Content

0% Complete 0/5 Steps

Be cautious when implementing auto-answer 10mins

Be extra cautious when optimizing call setup time 10mins

Don’t log IP addresses 10mins

Security of signaling traffic – user identifiers 10mins

Security of signaling traffic – validation of required fields 10mins

Media 8 Lessons

Expand

Module Content

0% Complete 0/8 Steps

Ephemeral passwords in TURN servers 10mins

Force TURN to hide users’ IP addresses 10mins

TURN servers run inside your firewall 10mins

Deciding IP and port ranges in advance 10mins

Use port 443 for running TURN and Media servers 10mins

Limiting access for known media workloads 5mins

Fuzzing media server traffic 10mins

Gate access to media server APIs 5mins

Clients 7 Lessons

Expand

Module Content

0% Complete 0/7 Steps

Web: User authentication in case of guest/anonymous users 10mins

Native: Require the use of up to date applications 10mins

Native: Keep track of libwebrtc releases 5mins

Native: Patch known security vulnerabilities 10mins

Native: Refrain from writing your own proprietary security implementations 10mins

Electron: Keeping up to date with Electron releases 5mins

Electron: Backporting security patches in Electron 5mins

UX/UI 3 Lessons

Expand

Module Content

0% Complete 0/3 Steps

Stricter access rules by default 5mins

Hard to guess room identifiers and URLs 10mins

Don’t use predictable URLs for assets 5mins

E2EE

Summary