AppSec Israel 2016: NodeJS Security Done Right

NodeJS Security Done Right - The tips and tricks they won’t teach you in school

NodeJS, and JavaScript at large are quickly taking over software whether it is GitHub’s statistics for projects growth, the IoT industry, ChatOps projects written in JavaScript and Enterprises adoption is growing as well.
With this trend, it is imperative to review OWASP security practices and learn how to harden NodeJS Web Applications.

We will begin with a quick NodeJS intro and a few fail stories of how things can go wrong.
We will quickly dive into hands-on practical implementation of security measures to adopt in your current or future NodeJS project. Next I will show how to leverage widely adopted security tools for integration in the build and CI/CD process to audit and test for security vulnerabilities, as well as leveraging successful enterprise-level open source npm libraries to enhance your web application’s security.

In summary: in this session I will demonstrate:
* Securing ExpressJS by adopting mature and commonly used npm libraries
* Secure code guidelines for JavaScript software developers
* Integrating NodeJS security measures as part of your build CI/CD DevOps process

Speakers

Liran Tal

Developer Advocate, Snyk

Liran has been advocating for Node.js and JavaScript, through core lead for the MEAN.js framework, docker container tool Dockly, and author of several npm packages.He’s a member of the Node.js Security WG, the author of Essential Node.js Security, and a core contributor on the OWASP... Read More →

Monday September 19, 2016 14:15 - 15:00
Main Auditorium

Track 1

Audience Builders
Language Hebrew
Technical Level Introduction

Attendees (62)

R
T
o
A
A
i
A
N
R
T
M
D
a
t
M
O
a
E
J
M
B
i
E
View All →

AppSec Israel 2016

Log in to save this to your schedule and see who's attending!

Liran Tal

Attendees (62)

Recently Active Attendees