NODE.JS Security Webinar

[Chad Cottle]

 
WEBCAST
 
Node.js: Successful, exciting... and bares security risks
WHEN: Tuesday, June 09 at 11:00 AM EDT (15:00:00 UTC)
Featuring: Amit Ashbel
https://www.sans.org/webcasts/nodejs-successful-exciting-bares-security-risks-100097
Sponsored By: Checkmarx  https://www.checkmarx.com/
 
Five years after its debut, it seems that node.js has become the most
popular cross platform runtime environment for server side applications
written in JavaScript.
There is no argument about the power of node.js however as with any
coding language or framework, security issues are just around the corner
waiting to be picked up.
 
In this talk, we discuss new attack techniques against applications
built on top of the Node.js language.
Attacks include:
- Application-layer DDoS attacks. Bringing a server to its knees with
just 4(!) requests.
- Forgot your Password? - Let's see if we can guess it for you.
- Business logic attacks. Running malicious code on all machines of
users of the applications when exploiting a weak business feature