What you don't know can hurt you
What you don’t know can make life hard for you. Adam talks about security in large deployments of NodeJS.
Adam is a co-founder of Lift Security and is Chief Security Officer at &yet. &yet performs security audits for Node.
npm install socket.io is often incorrectly typed as npm install socketio. This makes it easy to create a malware package named socketio, which will be rapidly installed by a large number of developers.
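A defensive check for the socket.io / socketio mix-up described above, written as an added example (it is not from the talk): it scans a dependency list for names that are separator variants of, or one edit away from, packages you intend to use. The allowlist KNOWN_GOOD, the sample dependencies and the function names are constructed for illustration.

```javascript
// Constructed allowlist: in practice, your team's vetted package names.
const KNOWN_GOOD = ['socket.io', 'express', 'lodash', 'left-pad'];

// Collapse case and separators so "socket.io", "socket-io" and "socketio" compare equal.
const normalize = (name) => name.toLowerCase().replace(/[._-]/g, '');

// Levenshtein edit distance using a single rolling row.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let prev = row[0]; // dp[i-1][j-1]
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const tmp = row[j]; // dp[i-1][j]
      row[j] = Math.min(row[j] + 1, row[j - 1] + 1, prev + (a[i - 1] === b[j - 1] ? 0 : 1));
      prev = tmp;
    }
  }
  return row[b.length];
}

// Report dependencies that are NOT on the allowlist but closely resemble an entry on it.
function findLookalikes(dependencies, knownGood = KNOWN_GOOD) {
  const findings = [];
  for (const dep of Object.keys(dependencies)) {
    if (knownGood.includes(dep)) continue; // exact match: the intended package
    for (const good of knownGood) {
      const sameSkeleton = normalize(dep) === normalize(good);
      if (sameSkeleton || editDistance(dep.toLowerCase(), good.toLowerCase()) <= 1) {
        findings.push({ dependency: dep, resembles: good,
          reason: sameSkeleton ? 'separator-variant' : 'one-edit' });
        break; // one finding per dependency is enough to trigger a review
      }
    }
  }
  return findings;
}

// Constructed "dependencies" section of a package.json.
const sample = { socketio: '^1.0.0', expres: '^4.0.0', lodash: '^4.0.0', debug: '^2.0.0' };
console.log(findLookalikes(sample));
```

Run against package.json in CI or a pre-commit hook, a non-empty result is a prompt for a human to confirm the package name before it is installed.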
What is the greatest vulnerability?
- An item on the OWASP Top 10?
- Developers
Developers are the greatest threat to security. The solution is developer education.
Peer reviews have a large positive effect on code quality. Code reviews should be a standard part of your process.
The Node/JS community should copy best practices for security from other languages / communities.