Where to find npm vulnerabilities?
If you are doing security research or just curious about finding npm vulnerabilities, let me share some resources to help you stay up-to-date with the latest security CVEs in the JavaScript ecosystem.
Half a dozen secure code review comments and none of them mentioned the potential security vulnerability that exists in the code snippet. Let's dive into a Node.js secure code review and see if you can spot the security bug you totally missed.
Briefly exploring core concepts around Node API security with regard to GraphQL and REST API design, with code examples specific to Node.js application servers.
Briefly exploring the Node.js threat model to draw some opinions on whether Node.js is secure or not.
Interestingly enough, the IDOR vulnerability type is found as a CVE more commonly in some languages than in others. Why is that and how can you prevent it?
Are we going to settle the debate between raw SQL queries and ORMs once and for all? Let's explore the pros and cons of each approach and find the right balance between control and convenience.