Loading…
This event has ended. Visit the official site or create your own event on Sched.
View analytic
Thursday, October 22 • 4:00pm - 5:00pm
The Node.js Highway: Attacks Are At Full Throttle

Sign up or log in to save this to your schedule and see who's attending!

Node.js is the drive-and-go language and its popularity is soaring. Five years after its debut, and the language’s framework boasts more 2M downloads a month.

Before accelerating too quickly, it is important to understand the power – and corresponding mishaps – of this language.

In this talk, we demonstrate new attack techniques against applications built on top of the Node.js language.

Attacks include:

· Application-layer DDoS attacks. Bringing a server to its knees with just 4(!) requests.

· Password exposure attacks. Leveraging the “Forgot My Password” feature of applications in order to reveal the passwords of all the application’s users

· Business logic attacks. Running malicious code on all machines of users of the applications when exploiting a weak business feature

Watch the Talk Video

Speakers
avatar for Igor Matlin

Igor Matlin

Senior Solutions Architect, Checkmarx
Developer, traveler, mobile technology junkie...and over 20 years of technical experience in high-tech companies as a software engineer and technical lead. Prior to joining Checkmarx as a Senior Solutions Architect, I worked on mobile technologies at Myriad Group, a leading mobile software company, and mobile browser developer Novarra, acquired by Nokia in 2010.


Thursday October 22, 2015 4:00pm - 5:00pm
Under Armour Room Norris Conference Center, Austin
  • Host Organization