This event has ended. Visit the official site or create your own event on Sched.
View analytic
Thursday, October 22 • 4:00pm - 5:00pm
The Node.js Highway: Attacks Are At Full Throttle

Sign up or log in to save this to your schedule and see who's attending!

Node.js is the drive-and-go language and its popularity is soaring. Five years after its debut, and the language’s framework boasts more 2M downloads a month.

Before accelerating too quickly, it is important to understand the power – and corresponding mishaps – of this language.

In this talk, we demonstrate new attack techniques against applications built on top of the Node.js language.

Attacks include:

· Application-layer DDoS attacks. Bringing a server to its knees with just 4(!) requests.

· Password exposure attacks. Leveraging the “Forgot My Password” feature of applications in order to reveal the passwords of all the application’s users

· Business logic attacks. Running malicious code on all machines of users of the applications when exploiting a weak business feature

Watch the Talk Video

avatar for Igor Matlin

Igor Matlin

Senior Solutions Architect, Checkmarx
Developer, traveler, mobile technology junkie...and over 20 years of technical experience in high-tech companies as a software engineer and technical lead. Prior to joining Checkmarx as a Senior Solutions Architect, I worked on mobile technologies at Myriad Group, a leading mobile software company, and mobile browser developer Novarra, acquired by Nokia in 2010.

Thursday October 22, 2015 4:00pm - 5:00pm
Under Armour Room Norris Conference Center, Austin
  • Host Organization