Injecting a node.js app using NoSQL and Query Selector Injection

  • Thursday, 15 Sep 2016 1:00PM EDT (15 Sep 2016 17:00 UTC)
  • Speaker: Aaron Cure

Your application connects to a backend database server. Traditionally we look for SQL Injection and similar issues. What do we do with a NoSQL database? How do we protect it?

In the upcoming node.js on demand course author Aaron Cure will introduce students to application security concepts and practices, as well as specific issues and mitigations in the node.js framework.

Students will investigate topics such as HTML local data storage, CSRF, and rate limiting brute force attacks in node.js applications. In a series of labs they will protect vulnerable web applications and services using AppSec \best practices" as well as libraries and tools in the node.js environment. In this webcast, Aaron will review SQL Injection in Node.js apps against modern NoSQL databases?