Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Node.js: Security

Node.js: Security

1h 2mIntermediate2025-01-14

Authors

Emmanuel Henri

Emmanuel Henri

Executive with 20+ years of experience in programming and design

Course details

In this comprehensive course, experienced full-stack developer Emmanuel Henri shows you how to secure your Node.js web applications as you discover common vulnerabilities, use essential security tools, and implement strategies to protect your data and users. Explore common threats such as broken access control, cryptographic failures, and injection vulnerabilities, and how to mitigate these risks with robust mechanisms. Find out how to leverage resources like OWASP for security information and use essential tools for added protection. Learn how to validate and sanitize user data, manage dependencies with tools like Snyk, and encrypt communications with Node.js packages like Crypto. Go over HTTPS, secure cookie attributes, and Cross-Site Request Forgery (CSRF) protection. By the end of the course, you will be able to identify vulnerabilities, implement security best practices, and use various tools to ensure your Node.js applications are secure.

Skills covered

Application SecurityNode.jsJavaScript FrameworksBack-End Web DevelopmentWeb Development ToolsCybersecurityWeb DevelopmentOpen SourceOne-Off

Concepts

0. Introduction

  • 01 - Securing your Node.js projects
  • 02 - What you should know

1. Security Overview

  • 03 - Introduction to OWASP and other sources
  • 04 - OWASP Top 10 in Node.js
  • 05 - Overview of broken access control
  • 06 - Overview of cryptographic failures
  • 07 - Overview of injections

2. Best Practices - Packages

  • 08 - Hands-on base template overview
  • 09 - Maintain package dependencies
  • 10 - Add 2-factor and read-only tokens with NPM

3. Best Practices - Data

  • 11 - Data handling with type and validation
  • 12 - Use prepared statements for SQL and NoSQL
  • 13 - Set proper HTTP headers with Helmet
  • 14 - Encrypt user data and session management

4. Best Practices - Server Level

  • 15 - Use secure HTTPS protocol
  • 16 - Rate limiting against DoS attacks
  • 17 - Use a library to prevent CSRF attacks
  • 18 - Use cookie attributes

5. Tools for Testing

  • 19 - Introduction to OWASP dependency check
  • 20 - Find vulnerabilities with Snyk
  • 21 - Penetration testing with Burp Suite

Conclusion

  • 22 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal