Secure programming is the best defense against hackers. This multi-layered, hands-on course will demonstrate live, real-time hacking methods, analyze the code deficiency that enabled each attack and, most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your Node JS application.
The methodology of the Cycle of Knowledge is as follows: Understand, Identify, Prevent. This methodology gives the student analytical tools to gain a deeper understanding of coding vulnerabilities and to implement security countermeasures in different areas of the software development lifecycle. The hands-on labs give the student firsthand experience of the hacker's world and of what can be done to stop an attacker. Using the sound programming techniques and best practices shown in this course, you will be able to produce high-quality code that stands up to attack.
The course covers major security principles in Node JS applications, programming vulnerabilities, and specific security issues in Node JS web applications.
What is authentication
Store passwords securely
Revealing too much information
Client side authorization
UI based security
Implement authorization using middleware
Insecure direct object reference
Injections and Input Validation
OS command injection
Mongo DB (NoSQL) Injection
Data type conversion
Reflected/Stored Cross Site Scripting
XSS prevention cheat sheet
Node JS Encoding libraries
Swig template engine
Cross Site Request Forgery (CSRF)
Anti CSRF token
File extension handling
Sanitize filename with fs.realpathSync
Data Confidentiality & Integrity
Secure traffic enforcement
Java Cryptography Architecture (JCA)
Exceptions and stack trace
Default error pages
Customize error pages using express
Events you should log
Events you should not log
Abuse of functionality
Node JS developers
Designers & architects
Basic knowledge of Node JS