Loading…
AppSec Europe 2018 has ended
                                                                                    ***Content is subject to change.***
View analytic
Friday, July 6 • 3:30pm - 4:15pm
Patterns in Node.js Package Vulnerabilities: What You can Learn from 1000+ Advisories to Secure Your Node Apps LIMITED

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

What's hardest to get right with Node.js at the moment? A recent survey reveals that Security is one of the top concerns for most of the Node.js developers. In this regard, over thousand publicly published Node package vulnerabilities could be our best companion.
Analyzing these vulnerabilities reveals useful insights regarding common security mistakes done by the package authors. This presentation brings forth distilled findings that would help the audience avoiding security issues in their own application code, conducting security reviews, and vetting external project dependencies.
This presentation covers statistics and patterns related to:
* Frequently occurring vulnerabilities
* Distribution of vulnerabilities by severity
* Effectiveness of CLI tools to detect insecure project dependencies
Further, the presentation highlights common programming mistakes behind some of the top vulnerabilities.
The information gained from this presentation would help the audience to avoid common security issues when developing their own Node.js packages and applications; or identify possible security vulnerabilities when conducting security-focused code reviews and penetration testing for the Node.js applications.

Speakers
avatar for Chetan Karande

Chetan Karande

Chetan Karande is a full-stack web developer, a security researcher, the author of Securing Node Applications (O’Reilly), and a contributor to multiple open source projects. He is a member of the Open Web Application Security Project (OWASP) and a project leader for the OWASP NodeGoat... Read More →


Friday July 6, 2018 3:30pm - 4:15pm
St James- 4th Floor QEII Centre Broad Sanctuary, Westminster, London. SW1P 3EE

Attendees (16)