How to secure NodeJS

In this protuberance episode of the Exploring Information Security podcast, Max McCarty joins me to discuss how to secure NodeJS.

Max (@maxrmccarty) has a great course called Securing Your Node.Js Web App available on Pluralsight. The course is five and a half-hours long, walking through the basics on security. Security for NodeJS is not unlike security for other languages and technologies. If you can secure other web apps you can secure NodeJS.

In this episode we discuss:

  • What is NodeJS
  • How Max got started in NodeJS
  • Why it's important to secure NodeJS
  • How to secure NodeJS

More resources:

What is the Node Security Platform?

In this devtastic episode of the Exploring Information Security podcast, Adam Baldwin joins me to discuss the Node Security Platform (NSP).

Adam (@adam_baldwin) is the team lead at Lift Security and founder of the Node Security Platform. NSP is one of the simplest tools to put into a development life cycle for NodeJS. It checks for vulnerable packages in an environment during pull requests or builds. This allow developers to quickly and easily identify packages that put their applications at risk.

In this episode we discuss:

  • What is nsp?
  • How it should be used?
  • Where it should be used?
  • How to use it.

Resources: