Securing Your Node.js Web App

Understanding the security risks that threaten a Node.js web application is crucial to its success. This course aims to provide functional mitigations to apply to your application against those vulnerabilities.
Since its creation in 2009, Node.js has seen exponential growth in its community of users and the applications they are building. With the drive towards a connected society, the need for web applications has never been greater. Yet, despite the push to connect the world as we know it, businesses of all sizes fall victim to data breaches every day. The security risks that a Node.js-based web application faces are no different from those of any other web application. This course, Securing Your Node.js Web App, will empower you with both an understanding of various web-based security risks and how to apply the proper mitigation in your Node.js web application. First, you'll learn about implementing proper authentication and session management. Next, you'll explore how to protect your MongoDB database from injection attacks and how to handle untrusted data - a key player in many of the risks you'll look at. Finally, you'll wrap up by learning how to control application and user authorization to key access areas and the benefits of serving your application over HTTPS. By the end of this course, you'll be on your way to building a significantly more secure Node.js web application.

Hi everyone, my name is Max McCarty and welcome to my course Securing your Node.js Application. I am a software engineer in Pittsburgh, Pennsylvania and host of the Lock Me Down Podcast.

Why learn about this topic?:
1. Since its creation in 2009, Node.js has seen exponential growth in its community of users and the applications they are building.
2. And the drive towards a connected society, the need for web applications has never been greater.
3. Even companies such as Wall Street Journal, eBay, GoDaddy, Microsoft and Ancestry.com have embraced Node for various needs.
4. Yet, despite the push to connect the world as we know it, businesses of all sizes fall victim to data breaches every day.
5. With over 5,000 data breaches reported since 2005, we clearly still have a problem.
6. Which brings us to why we are here.
7. Web application security isn’t going anywhere and it isn’t getting any easier to securely host users' personal and financial information.

In this course, not only will we be implementing the code to mitigate major security threats our web application will face, but also introduce you to a number of security testing tools along the way.

We’ll be tackling areas such as:
1. Implementing proper authentication and session management
2. Protecting our MongoDB database from injection attacks
3. How to handle untrusted data, a key player in many of the risks we’ll look at
4. How to control application and user authorization to key access areas
5. The benefits of serving our application over HTTPS

By the end of this course you’ll be on your way to building a significantly more secure Node.js web application, because someone or some company's application will be the next victim of a data breach. The question is, “Will it be yours?”

I really enjoyed building this course, and I hope you’ll enjoy watching.

Course info
Level: Intermediate
Rating: (21)
Duration: 5h 21m
Updated: 15 Dec 2016
Course authors

Max McCarty is the founder and owner of the software security site LockMeDown.com and hosts the popular Lock Me Down Podcast. As a senior software engineer, Max’s focus is on software security and empowering the everyday developer with the information to write more secure software.
