JSJ 294: Node Security with Adam Baldwin
JavaScript Jabber4 Jan 2018

JSJ 294: Node Security with Adam Baldwin

Panel: Charles Max WoodAJ O’NealJoe EamesSpecial Guests: Adam BaldwinIn this episode, JavaScript Jabber panelist speak with Adam Baldwin. Adam is a return guest and has many years of application security experience. Currently, Adam runs the Node Security Project/Node Security Platform, and Lift Security. Adam discusses the latest of security of Node Security with Charles and AJ. Discussion topics cover security in other platforms, dependencies, security habits, breaches, tokens, bit rot or digital atrophy, and adding security to your development.In particular, we dive pretty deep on:
  • What is the Node Security Project/Node Security Platform
  • Dependency trees
  • NPM
  • Tokens and internal data
  • What does Node Security do for me?
  • NPX and NSP
  • Command Line CIL
  • Bit Rot or Digital Atrophy
  • How often should you check repos.
  • Advisories
  • If I NPM install?
  • Circle CI or Travis
  • NSP Check
  • What else could I add to the securities?
  • Incorporate security as you build things
  • How do you find the vulnerabilities in the NPM packages
  • Two Factor authentication for NPM
  • Weak Passwords
  • OL Dash?
  • Install Scripts
  • Favorite Security Story?
  • And much more!
Links:Picks:AdamCharlesAJJoeSpecial Guest: Adam Baldwin.

Support this podcast at — https://redcircle.com/javascript-jabber/donations

Privacy & Opt-Out: https://redcircle.com/privacy

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

Avsnitt(735)

Modern JavaScript Testing: Integration, Contract Testing & AI Tools - JSJ 692

Modern JavaScript Testing: Integration, Contract Testing & AI Tools - JSJ 692

In this episode of JavaScript Jabber, I sit down with Dan Shapir and our special guest, Yoni Goldberg, to dive deep into the ever-evolving world of JavaScript testing. Yoni, a consultant who’s worked ...

29 Sep 20251h 6min

The Comeback of RPC: SolidJS, TanStack, and the Future of JavaScript Frameworks with Ryan Carniato & Tanner Linsley - JSJ 691

The Comeback of RPC: SolidJS, TanStack, and the Future of JavaScript Frameworks with Ryan Carniato & Tanner Linsley - JSJ 691

In this episode of JavaScript Jabber, I sit down with Ryan Carniato, creator of SolidJS, and Tanner Linsley, the force behind TanStack, for a deep-dive conversation on the resurgence of Remote Procedu...

22 Sep 20251h 29min

Exploring Vibe Coding and the Future of Product Management with Gunnar Berger - JSJ 690

Exploring Vibe Coding and the Future of Product Management with Gunnar Berger - JSJ 690

In this episode of JavaScript Jabber, I sit down with Amazon product leader Gunnar Berger to dive into the fast-evolving world of vibe coding and how it’s reshaping the relationship between developers...

12 Sep 20251h 13min

How to Use Web Components, Iframes, and Module Federation for Multi-Framework Apps - JSJ 689

How to Use Web Components, Iframes, and Module Federation for Multi-Framework Apps - JSJ 689

This week on JavaScript Jabber, we dive deep into the challenges and opportunities of mixing and matching frontend frameworks in modern applications. I’m joined by Dan Shapir, Steve Edwards, and our s...

2 Sep 20251h 17min

Why We’re Building the Front End Wrong (and How to Fix It) - JSJ 688

Why We’re Building the Front End Wrong (and How to Fix It) - JSJ 688

In this episode of JavaScript Jabber, I sit down with Delaney Gilliland to dive into why most of us are building the front end wrong—and what a faster, leaner, and simpler alternative could look like....

28 Aug 202546min

Vibe Coding: Building Faster with AI-Powered Development - JSJ 687

Vibe Coding: Building Faster with AI-Powered Development - JSJ 687

In this episode of JavaScript Jabber, we dive deep into the world of vibe coding—what it means, how it works in practice, and why it’s changing the way developers build software. I’m joined by Anthony...

22 Aug 20251h 11min

The Next Wave of Dev Tools: AI Assistants and JavaScript Workflows - JSJ 686

The Next Wave of Dev Tools: AI Assistants and JavaScript Workflows - JSJ 686

In this episode of JavaScript Jabber, we sit down with Vinicius Dallacqua, a seasoned software engineer with a passion for performance and developer tooling. Vinicius shares his journey from coding in...

14 Aug 20251h 6min

Inside VueConf: Nuxt 4, AI in Development, and the Future of Vue with Erik Hanchett - JSJ 685

Inside VueConf: Nuxt 4, AI in Development, and the Future of Vue with Erik Hanchett - JSJ 685

In this episode of JavaScript Jabber, we welcome back Erik Hanchett, Senior Developer Advocate at AWS, to dive into his experience at VueConf. From the energy of the Vue community to lightning talks o...

8 Aug 202558min

Populärt inom Business & ekonomi

badfluence
framgangspodden
varvet
rss-borsens-finest
rss-jossan-nina
uppgang-och-fall
bathina-en-podcast
lastbilspodden
svd-tech-brief
borsmorgon
avanzapodden
rss-kort-lang-analyspodden-fran-di
fill-or-kill
rss-inga-dumma-fragor-om-pengar
affarsvarlden
dynastin
rss-dagen-med-di
tabberaset
rss-veckans-trade
kapitalet-en-podd-om-ekonomi