Node.js Secure Coding - Liran Tal - ASW #286
Security Weekly Podcast Network (Video) · Security Weekly Productions
Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Secure coding education should be more than a list of issues or repeating generic advice. Liran Tal explains his approach to teaching developers through examples that start with exploiting known vulns and end with discussions on possible fixes. Not only does this create a more engaging experience, but it also relies on code that looks familiar to developers rather than contrived or overly simplistic examples.
Segment resources:
- https://github.com/lirantal
- https://cheatsheetseries.owasp.org/cheatsheets/NPMSecurityCheat_Sheet.html
- https://lirantal.com/blog/poor-express-authentication-patterns-nodejs
Show Notes: https://securityweekly.com/asw-286