Articles tagged for: nodejs

How to Avoid JWT Security Mistakes in Node.js
Learn how to use JSON Web Tokens (JWT) securely in your Node.js applications. I'll cover the basics of JWT and share best practices to avoid common security mistakes.
Dec 19, 2024 ~ 4 min read
nodejs
jwt
auth
tokens
Can a Node.js Secure Code Review Find Future Vulnerabilities?
Half a dozen secure code review comments and none of them mentioned the potential security vulnerability that exists in the code snippet. Let's dive into a Node.js secure code review and see if you can spot the security bug you totally missed.
Dec 6, 2024 ~ 8 min read
nodejs
secure
code review
The Okta bcrypt Security Incident and The Bun vs Node.js Angle in Secure By Design
Even if you follow security best practices and choose bcrypt for password hashing you can still get it wrong. How does Bun handle it in a more secure fashion? What happened with the Okta bcrypt incident? Lets dive in.
Nov 17, 2024 ~ 7 min read
okta
bcrypt
bun
cryptography
nodejs
NodeJS Path Traversal Vulnerability Scanner
How about a more offensive side of security? Check out a NodeJS path traversal vulnerability scanner.
Nov 2, 2024 ~ 6 min read
nodejs
path
traversal
scanner
directory traversal
Node API Security
Briefly exploring core concepts around Node API security with regards to GraphQL and REST API design with code examples specific to Node.js application servers.
Sep 10, 2024 ~ 7 min read
nodejs
secure
configuration
Is Node.js Secure?
Briefly exploring the Node.js threat model to draw some opinions on whether Node.js is secure or not.
Sep 9, 2024 ~ 5 min read
nodejs
secure
threat model

Newer posts

Older posts