Node.js Security @ NDC London 2017
by Ilya Verbitskiy
In the last few years, we have seen tremendous growth of technologies: mobile devices, clouds, virtual reality, and the Internet of Things. We can do shopping, buy tickets, talk to friends and families from a mobile phone, a tablet, a TV, a… (you can put any of the next big things here). But there is the Darkside. Sony, Apple, Adobe, Target, Home Depot, and many other small and big companies have been hacked recently. The number of cyberattacks is not going down, it is going up every day. And the situation will only get worse.
Node.js is one of the fastest-growing platforms nowadays. Are you sure that your application is secure? How is about injection attacks on MEAN stack? I am going to talk about Node.js security considerations and show security best practices applied to Node.js application.
The audience will learn:
Node.js/Express.js security overview
Node.js cryptography overview
How to protect your Express.js application (authentication, logging, security middleware)
How to prevent OWASP TOP 10 in Node.js/Express.js application
Tools which will help you to protect the application, e.g. ScanJS