Node.js: Successful, exciting... and bares security risks
- Tuesday, June 9th, 2015 at 11:00 AM EDT (15:00:00 UTC)
- Amit Ashbel
You can now attend the webcast using your mobile device!
There is no argument about the power of node.js however as with any coding language or framework, security issues are just around the corner waiting to be picked up.
In this talk, we discuss new attack techniques against applications built on top of the Node.js language.
- Application-layer DDoS attacks. Bringing a server to its knees with just 4(!) requests.
- Forgot your Password ? - Let's see if we can guess it for you.
- Business logic attacks. Running malicious code on all machines of users of the applications when exploiting a weak business feature
Amit Ashbel joined Checkmarx From Trusteer (acquired by IBM). He has been with the security community for more than a decade where he has taken on multiple tasks and responsibilities over the years, including technical and Senior Product lead positions. Amit adds valuable product knowledge including experience with a wide range of security platforms and familiarity with emerging threats and the hi-tech security industry.