Node.js: Security

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 0h 57m | 339 MB

How can you protect your Node.js applications from potential threats? In this course, Emmanuel Henri shares best practices that can help Node.js developers secure their apps at all levels, from packages to the server level. Emmanuel helps to familiarize you with the most common security risks in Node.js, including cross-site scripting and server-side injection. He dives into best practices around packages, data, and the server level. Plus, he covers tools, such as Snyk and Burp, that you can use to test your Node.js projects.

Topics include:

  • OWASP resources and security threats
  • Cross-site scripting and denial of service attacks
  • Managing packages in a Node.js app
  • Adding two-factor and read-only tokens with npm
  • Using prepared statements for SQL/NoSQL
  • Encrypting user data and session management
  • Adding HTTPS protocol to an application
  • Using cookie attributes
  • Tools for testing

Table of Contents

Introduction
1 Securing your Node.js projects
2 What you should know

Security Overview
3 Introduction to OWASP and other sources
4 OWASP top 10 in Node.js
5 Overview of cross-site scripting
6 Overview of denial of service
7 Overview of server-side injection

Best Practices – Packages
8 Hands-on base template overview
9 Maintain package dependencies
10 Add two-factor and read-only tokens with npm

Best Practices – Data
11 Data handling with type and validation
12 Use prepared statements for SQL/NoSQL
13 Set proper HTTP headers with Helmet
14 Encrypt user data and session management

Best Practices – Server Level
15 Use secure HTTPS protocol
16 Rate limiting against DoS attacks
17 Use csurf to prevent CSRF attacks
18 Use cookie attributes

Tools for Testing
19 Introduction to OWASP dependency check
20 Find vulnerabilities with Snyk
21 Penetration testing with Burp

Conclusion
22 Next steps