A discussion with Adam Baldwin
Key Topics on Access Control Podcast: Episode 4 – Offensive Security and the JavaScript Ecosystem
Auth0 is a platform that provides centralized login and identity for other companies.

The offensive security team at Auth0 is an internal team acting as a trusted adversary: it attempts to hack the company and then provides a report, which is something a regular adversary on the internet won't provide.

Challenges faced as VP of Security at npm were scale and availability: keeping the registry online so that you could get your packages.

Malicious packages on npm were definitely a challenge. The damaging attacks were the ones in which an account was actually taken over. The problem with 2FA is that it wasn't friendly for publishing.

One security tip for building new applications is to have less attackable surface.