ArturJS/nodejs-security-talk

Talk about NodeJS security + OWASP TOP 10 and possible ways to protect your app 🛡️

nodejs-security-talk

Talk about NodeJS security + OWASP TOP 10 and possible ways to protect your app 🛡️

Raw ideas

1. Briefly about security and OWASP TOP 10
2. What kind of security vulnerabilities does NodeJS have out of the box? Ryan Dahl thoughts and Deno. Would Deno become a silver bullet?)
3. Docker and containerization. What kind of security issues could this approach also have?
4. What about virtualization? (and the usage of this in USA minitary forces)
5. DDoS and how can we cope with that?
6. ToDo Implement...

Potentially useful links:

• https://github.com/OWASP/NodeGoat
• https://snyk.io/blog/ten-npm-security-best-practices/
• https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_security_cheat_sheet.html
• https://geekflare.com/nodejs-security-scanner/
• http://scottksmith.com/blog/2015/06/15/secure-node-apps-against-owasp-top-10-authentication-and-sessions/
• https://medium.com/@nodepractices/were-under-attack-23-node-js-security-best-practices-e33c146cb87d