Web Rush

Episode 22: Secure Javascript with npm with Adam Baldwin



Recording date: 2019-01-31

John Papa @John_Papa

Ward Bell @WardBell

Adam Baldwin @adam_baldwin

Resources:
  • Details about the Event Stream Incident
  • News about the Event Stream Incident
  • Greenkeeper.io
  • Package Locks
  • Snyk.io
  • npm Audit
  • Comparing npm audit with Snyk
  • Private Packages
  • Ways to Have Your Private npm Registry
  • The Rogue Gallery of Cybersecurity Bad Actors
  • FaceTime Audio Bug
  • Two Factor Authentication
  • HaveIBeenPwned
  • How Serverless Works to Manage HaveIBeenPwned
  • Someone to follow
    • @RachelTobac
    • @Fox0x01
    • @ReyBango
    • TroyHunt
    • @ManfredSteyer / Softwarearchitekt.at
    • @ShmuelaJ / NG-Girls.org
    • @JenLooper

Timejumps:
  • 00:57 Guest Introduction
  • 02:23 JavaScript security in the news
  • 05:29 Should we be worried about this happening again?
  • 06:54 What's the best course of action when you see security warnings?
  • 08:56 What is Greenkeeper?
  • 10:18 Sponsor: NativeScript
  • 10:52 Comparing npm audit and Snyk
  • 14:33 What do people who want to have a corporate account do?
  • 21:22 Using a real world example
  • 24:08 Are there times where it can't figure out what to do?
  • 26:16 Isn't there a way to just keep malware out of the registry?
  • 28:22 Sponsor: IdeaBlade
  • 29:23 What's a bad actor?
  • 34:17 FaceTime group call bug
  • 36:05 Recommended tips for security
  • 39:34 What's the state of 2 factor auth?
  • 42:31 When we pass software to clients, how can we secure things?
  • 45:08 Someone to follow

Web Rush, by Dan Wahlin, John Papa, Ward Bell, Craig Shoemaker