Sign up to save your podcasts
Or
Share 2018-044: Mike Samuels discusses NodeJS hardening initiatives
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
2018-044: Mike Samuels discusses NodeJS hardening initiatives
Mike Samuels
https://twitter.com/mvsamuel
https://github.com/mikesamuel/attack-review-testbed
https://nodejs-security-wg.slack.com/
Hardening NodeJS
Speaking engagement talks:
A Node.js Security Roadmap at JSConf.eu - https://www.youtube.com/watch?v=1Gun2lRb5Gw
Improving Security by Improving the Framework @ Node Summit - https://vimeo.com/287516009
Achieving Secure Software through Redesign at Nordic.js - https://www.facebook.com/nordicjs/videos/232944327398936/?t=1781
What is a package: (holy hell, why is this so complicated?)
A package is any of:
- a) a folder containing a program described by a package.json file
- b) a gzipped tarball containing (a)
- c) a url that resolves to (b)
- d) a @ that is published on the registry with ©
- e) a @ that points to (d)
- f) a that has a latest tag satisfying (e)
- g) a git url that, when cloned, results in (a).
https://medium.com/@jsoverson/exploiting-developer-infrastructure-is-insanely-easy-9849937e81d4
https://blog.risingstack.com/node-js-security-checklist/
https://www.npmjs.com/package/trusted-types
https://github.com/WICG/trusted-types/issues/31
View all episodes
By Bryan Brake, Amanda Berlin, and Brian Boettcher
4.7
9898 ratings
Mike Samuels
https://twitter.com/mvsamuel
https://github.com/mikesamuel/attack-review-testbed
https://nodejs-security-wg.slack.com/
Hardening NodeJS
Speaking engagement talks:
A Node.js Security Roadmap at JSConf.eu - https://www.youtube.com/watch?v=1Gun2lRb5Gw
Improving Security by Improving the Framework @ Node Summit - https://vimeo.com/287516009
Achieving Secure Software through Redesign at Nordic.js - https://www.facebook.com/nordicjs/videos/232944327398936/?t=1781
What is a package: (holy hell, why is this so complicated?)
A package is any of:
- a) a folder containing a program described by a package.json file
- b) a gzipped tarball containing (a)
- c) a url that resolves to (b)
- d) a @ that is published on the registry with ©
- e) a @ that points to (d)
- f) a that has a latest tag satisfying (e)
- g) a git url that, when cloned, results in (a).
https://medium.com/@jsoverson/exploiting-developer-infrastructure-is-insanely-easy-9849937e81d4
https://blog.risingstack.com/node-js-security-checklist/
https://www.npmjs.com/package/trusted-types
https://github.com/WICG/trusted-types/issues/31
More shows like BrakeSec Education Podcast
View all
Security Now (Audio)
2,011 Listeners
CyberWire Daily
1,028 Listeners
Smashing Security
317 Listeners
Strict Scrutiny
5,832 Listeners