Node.js: Application Security

Focused View

Jon Friskics

37:33

0 View

1-Introduction

1 -Overview of Course Demo Application.mp4

03:04

2-Injection Attacks

2 -Validating Input with express-validator.mp4

03:19

3 -Sanitizing Input with express-validator.mp4

01:28

4 -What Can Go Wrong XSS.mp4

00:43

5 -Using SQL Parameterized Queries to Prevent SQL Injection.mp4

02:24

6 -Never Use eval() with User Input.mp4

00:38

3-Brute-force Attacks

7 -Rate Limiting.mp4

01:38

8 -Setting Maximum Request Sizes.mp4

01:20

4-Cross-site Request Forgery

9 -How Cross-site Request Forgery Works.mp4

00:41

10 -Preventing CSRF Issues.mp4

03:49

5-HTTPS

11 -Securing Traffic with HTTPS.mp4

01:53

12 -Generating an SSL Certificate.mp4

02:16

13 -Creating an HTTPS Server in Node.js.mp4

01:27

14 -Redirecting HTTP requests to HTTPS.mp4

01:24

6-Content Security Policy

15 -Using Content-Security-Policy Headers.mp4

06:07

16 -Other Response Headers.mp4

01:11

7-Package Management

17 -Using npm audit to Check Packages for Vulnerabilities.mp4

02:04

18 -Using npm outdated to Check Package Versions.mp4

02:07

Description

This course will teach you some of the most common security vulnerabilities in Node.js and Express applications and how to handle them.

What You'll Learn?

In this course, Node.js: Application Security, you’ll learn some of the most common application security issues and how to handle them. First, you’ll explore how to prevent injection attacks with input validation and sanitization. Next, you’ll discover ways to mitigate other attacks through defense-in-depth practices like rate limiting, CSRF protection, and Content Security Policy. Finally, you’ll learn how to create an HTTPS server. When you’re finished with this course, you’ll have the skills and knowledge of writing more secure Node.js and Express applications.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Node.Js

Jon Friskics

Instructor's Courses

Jon is an author, developer, and Pluralsight team member via Code School. Lately, he's been working on content and products that help authors create content efficiently. Prior to that, he worked for several years on interactive learning at Code School, and later helped bring that to Pluralsight as Interactive Content.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.