Foundational JavaScript Security

Learn how to use tools like Synk, Dependabot, and AppSensor to examine vulnerabilities in your JavaScript applications and close the loopholes before hackers can exploit them.

Introduction

• Foundational JavaScript security
• What you should know

1. Introduction and Setup

• What is ethical hacking?
• Overview of cyber kill chain
• Plan an attack strategy
• Base project setup
• Challenge: What is ethical hacking?
• Solution: What is ethical hacking?

2. Reconnaissance

• Reconnaissance introduction
• Introduction and setup for Snyk
• Introduction to GitHub Dependabot
• Introduction to AppSensor
• Reconnaissance applied to project
• Challenge: What is the purpose of reconnaissance?
• Solution: What is the purpose of reconnaissance?

3. Top Security Threats

• Injection threat
• Broken authentication
• Sensitive data
• XML external entities
• Security misconfiguration
• Insecure deserialization
• Components with known vulnerabilities
• Insufficient logging and monitoring
• Challenge: What is the best resource for top threats?
• Solution: What is the best resource for top threats?

4. Security Threats Applied

• Injection threat resources
• Broken authentication resources
• Sensitive data exposure resources
• XML external entities resources
• Security misconfiguration resources
• Secure deserialization resources
• Challenge: What is secured deserialization?
• Solution: What is secured deserialization?

Conclusion

• Next steps