AppSec Israel 2016: NodeJS Security Done Right

Back To Schedule

NodeJS Security Done Right - The tips and tricks they won’t teach you in school

NodeJS, and JavaScript at large are quickly taking over software whether it is GitHub’s statistics for projects growth, the IoT industry, ChatOps projects written in JavaScript and Enterprises adoption is growing as well.
With this trend, it is imperative to review OWASP security practices and learn how to harden NodeJS Web Applications.

We will begin with a quick NodeJS intro and a few fail stories of how things can go wrong.
We will quickly dive into hands-on practical implementation of security measures to adopt in your current or future NodeJS project. Next I will show how to leverage widely adopted security tools for integration in the build and CI/CD process to audit and test for security vulnerabilities, as well as leveraging successful enterprise-level open source npm libraries to enhance your web application’s security.

In summary: in this session I will demonstrate:
* Securing ExpressJS by adopting mature and commonly used npm libraries
* Secure code guidelines for JavaScript software developers
* Integrating NodeJS security measures as part of your build CI/CD DevOps process

Speakers

Liran Tal

Developer Advocate, Snyk

Liran Tal is a Developer Advocate at Snyk and a member of the Node.js Security working group. He is a JSHeroes ambassador, passionate about building communities and the open source movement and greatly enjoys pizza, wine, web technologies, and CLIs. Liran is also the author of Essential... Read More →

Monday September 19, 2016 14:15 - 15:00
Main Auditorium

Track 1

Audience Builders
Language Hebrew
Technical Level Introduction

Attendees (62)

R
T
o
A
A
i
A
N
R
T
M
D
a
t
M
O
a
E
J
M
B
i
E
View All →

AppSec Israel 2016

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Liran Tal

Attendees (62)