Most developers have no idea what DDOS, XSS, CSP, HSTS, etc. are, but they're critical to the availability and security of a web application. This video covers some of the latest improvements in Web PKI (SSL/TLS) that a website should absolutely be using for their web stack.
The PKI / TLS discussion is especially relevant given the continued turmoil around governments snooping on end user traffic. There are few resources on the web that review how you should configure SSL/TLS, and this talk will go over the proper setup to make sure web application end users are protected.
Editor's note: This video was originally recorded in March 2015 at the O'Reilly Software Architecture Conference.