Node Day - Node.js Security in the Enterprise
- 8. Enterprise Security in 3 min
Protect what makes you money
Availability is security
Measure & Iterate
It's not about the vulnerability
You will screw it up anyway
- 9. What this talk is about
Being informed & Prepared
!
The node security landscape
!
It's all node's fault
- 24. npm shrinkwrap example
curl -X POST https://nodesecurity.io/
validate/shrinkwrap -d @npmshrinkwrap.json -H "content-type:
application/json"
- 25. retire.js
Scan a web app or node app for
use of vulnerable JavaScript
libraries and/or node modules.
http://bekk.github.io/retire.js/
- 26. What is the greatest
vulnerability that you have
in the enterprise?