Back To Schedule
Monday, October 8 • 9:00am - Wednesday, October 10 • 5:00pm
3-day training: Hands-on Secure Coding in Node.js LIMITED

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

This course provides essential practical knowledge to build secure and resilient Node.js applications. It starts with a brief primer on Node.js fundamentals, related Idiosyncrasies, and then flows into exploiting and fixing the most common web application vulnerabilities, identified as the top OWASP 10 risks, and beyond.  
Topics covered include:
  • Node.js fundamentals
  •  Security implications of JavaScript language constructs and Node.js specific Idiosyncrasies  
  •  Client-side attacks and mitigations
  •  Building secure REST and GraphQL APIs  
  •  Building Authentication with JSON Web Tokens (JWT)  
  •  Securing data in transit and at rest
  •  Eliminating Security Misconfiguration pitfalls
  •  Common sources of Denial of Service attacks and mitigations
  •  Securing against Components with known vulnerabilities
  •  Logging & Monitoring
  •  Preparing for the Production Environment
  •  Security considerations for the Cloud and Serverless environment

During the course, participants will also gain valuable insights from the security mistakes frequently found in known Node package vulnerabilities.

This course includes a balanced combination of essential theory and hands-on lab exercises. With the practical knowledge gained during the class, participants can introduce a security culture into their teams and immediately improve the security posture of the Node applications they ship.  

avatar for Chetan Karande

Chetan Karande

Chetan Karande is a security researcher, speaker, and author of Securing Node Applications (O’Reilly). He is the project leader for the OWASP NodeGoat project and contributor to multiple open source projects.

Monday October 8, 2018 9:00am - Wednesday October 10, 2018 5:00pm PDT