Securing Your Node.js Web App

Understanding the security risks that threaten a Node.js web application is crucial to its success. This course aims to provide functional mitigations you can apply to your application against those vulnerabilities.
Course info
Rating: (46)
Level: Intermediate
Updated: Dec 14, 2016
Duration: 5h 21m
Table of contents
Course Overview
Introduction to Hackers Hall
Proper User Authentication
Session Management
Securing MongoDB from Injection Attacks
Handling Untrusted Data
Access Controls
Defending Against Cross-site Scripting (XSS)
Securing Your Connection
Description

Since its creation in 2009, Node.js has seen exponential growth in its community of users and the applications they are building. With the drive towards a connected society, the need for web applications has never been greater. Yet, despite the push to connect the world as we know it, businesses of all sizes fall victim to data breaches every day. The security risks that a Node.js-based web application faces are no different from those of any other web application. This course, Securing Your Node.js Web App, will empower you with both an understanding of various web-based security risks and the knowledge to apply the proper mitigations in your Node.js web application. First, you'll learn about implementing proper authentication and session management. Next, you'll explore how to protect your MongoDB database from injection attacks and how to handle untrusted data, a key player in many of the risks you'll look at. Finally, you'll wrap up by learning how to control application and user authorization to key access areas and the benefits of serving your application over HTTPS. By the end of this course, you'll be on your way to building a significantly more secure Node.js web application.

About the author

Max McCarty is the founder and owner of the software security site LockMeDown.com and hosts the popular Lock Me Down Podcast. As a senior software engineer, Max’s focus is on software security and empowering the everyday developer with the information to write more secure software.