This project focuses on security aspects of hybrid apps that can be deployed on the web, native apps, IOS and Android with the same codebase. Keywords for technologies are ionic, electron, typescript, angular. These apps can speak with a backend API on a node.js server. Security challenges relate to the communication and API security of the back end and how to securely develop and deploy such modern apps. One approach can be to a proof of concept solution that follows "best practices".