How to Harden Your Electron App

Discover how to enhance the security of your Electron app in this 22-minute conference talk from NorthSec 2021. Learn from Mitchell Cohen, Product Lead at 1Password, as he shares insights on building a secure password manager using a framework notorious for security vulnerabilities. Explore threat modeling techniques, proper separation of concerns, and essential documentation practices to achieve your app's security goals. Gain valuable knowledge about the security model implemented in 1Password's Electron-based frontend, common pitfalls to avoid, and practical applications for your own projects. Get introduced to a hardened Electron starter kit and learn how to test its security features. Understand the challenges and solutions involved in creating a secure web app for sensitive data management, drawing from 1Password's experience in developing their Linux desktop client. Benefit from Cohen's expertise in delivering usable security across browsers and desktops, and gain insights applicable to various software development scenarios.

NSEC2021 - Mitchell Cohen - How to harden your Electron app