Sign up to save your podcasts
Or
Share 19: Node.js Application Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
19: Node.js Application Security
Chetan Karande (@karande_c), talks about Node.js App security and ways developers can prevent attacks. He goes into detail about working with Express.js in particular, NodeGoat, & his work with OWASP. Chetan is a team lead and senior software engineer at Omgeo and frequently speaks at conferences about JavaScript, Front End Technologies, Java, & Node.js.Resources:
Chetan’s Twitter - https://twitter.com/karande_c
Chetan’s G+ - https://plus.google.com/103318808082524392883
FluentConf Interview - https://www.youtube.com/watch?v=BLd5xLXSz1A&index=29&list=PL055Epbe6d5bab7rZ3i83OtMmD-d9uq2K
FluentConf Slides - https://speakerdeck.com/ckarande/top-overlooked-security-threats-to-node-dot-js-web-applications
jssummit - http://environmentsforhumans.com/2014/javascript-summit/
omgeo- https://www.omgeo.com/
node.js vulnerabilities http://blog.nodejs.org/vulnerability/
Express vulnerabilities - http://expressjs.com/advanced/security-updates.html
node security project - https://nodesecurity.io/advisories
node-goat - https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project
retire.js - http://open.bekk.no/retire-js-what-you-require-you-must-also-retire
OWASP ZAP Proxy - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
grunt-zap - https://www.npmjs.org/package/grunt-zaproxy
chetan github - https://github.com/ckarande
CVSS (Common vulnerability Scoring System) - http://nvd.nist.gov/cvss.cfm?calculator&version=2
ReDos RegEx Test Tools -
RXRR - http://www.cs.bham.ac.uk/~hxt/research/rxxr-download.shtml)
SDL RegEX Fuzzer - http://www.microsoft.com/en-us/download/details.aspx?id=20095
View all episodes
By The Web Platform Podcast
4.6
1818 ratings
Chetan Karande (@karande_c), talks about Node.js App security and ways developers can prevent attacks. He goes into detail about working with Express.js in particular, NodeGoat, & his work with OWASP. Chetan is a team lead and senior software engineer at Omgeo and frequently speaks at conferences about JavaScript, Front End Technologies, Java, & Node.js.Resources:
Chetan’s Twitter - https://twitter.com/karande_c
Chetan’s G+ - https://plus.google.com/103318808082524392883
FluentConf Interview - https://www.youtube.com/watch?v=BLd5xLXSz1A&index=29&list=PL055Epbe6d5bab7rZ3i83OtMmD-d9uq2K
FluentConf Slides - https://speakerdeck.com/ckarande/top-overlooked-security-threats-to-node-dot-js-web-applications
jssummit - http://environmentsforhumans.com/2014/javascript-summit/
omgeo- https://www.omgeo.com/
node.js vulnerabilities http://blog.nodejs.org/vulnerability/
Express vulnerabilities - http://expressjs.com/advanced/security-updates.html
node security project - https://nodesecurity.io/advisories
node-goat - https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project
retire.js - http://open.bekk.no/retire-js-what-you-require-you-must-also-retire
OWASP ZAP Proxy - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
grunt-zap - https://www.npmjs.org/package/grunt-zaproxy
chetan github - https://github.com/ckarande
CVSS (Common vulnerability Scoring System) - http://nvd.nist.gov/cvss.cfm?calculator&version=2
ReDos RegEx Test Tools -
RXRR - http://www.cs.bham.ac.uk/~hxt/research/rxxr-download.shtml)
SDL RegEX Fuzzer - http://www.microsoft.com/en-us/download/details.aspx?id=20095