Patterns in Node.js vulnerabilities
Chetan Karande shares the findings from an analysis of over a thousand publicly known Node.js vulnerabilities. With intuitive data visualizations and statistics, Chetan details trends over last five years, explores common security mistakes made by Node.js package authors, and explains how you can prevent these issues in your own code.
| Talk Title | Patterns in Node.js vulnerabilities |
| Speakers | Chetan Karande (DTCC) |
| Conference | O’Reilly Fluent Conference |
| Conf Tag | The Web Platform in Practice |
| Location | San Jose, California |
| Date | June 12-14, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
More than 500 Node.js packages get published to npm every day, and security researchers consistently discover and publish vulnerabilities found in these packages. Analysis of these vulnerabilities reveals some valuable insights for Node.js developers and security testers. Chetan Karande shares the findings from an analysis of over a thousand publicly known Node.js vulnerabilities. With intuitive data visualizations and statistics, Chetan details trends over last five years, explores common security mistakes made by Node.js package authors, and explains how you can prevent these issues in your own code. Topics include:
