Course

Skills Expanded

Node.js: Application Security

by Jon Friskics

This course will teach you some of the most common security vulnerabilities in Node.js and Express applications and how to handle them.

Try for free

Get this course plus top-rated picks in tech skills and other popular topics.

$45.00

per month after 10 day trial

Your 10 day Premium free trial includes

Expanded library

This course and over 7,000+ additional courses from our full course library.

Hands-on library

Practice and apply knowledge faster in real-world scenarios with projects and interactive courses.

*Available on Premium only

For teams

Give up to 50 users access to our full library including this course free for 30 days

Course info

Level

Intermediate

Updated

Oct 4, 2024

Duration

37m

What you'll learn

In this course, Node.js: Application Security, you’ll learn some of the most common application security issues and how to handle them. First, you’ll explore how to prevent injection attacks with input validation and sanitization. Next, you’ll discover ways to mitigate other attacks through defense-in-depth practices like rate limiting, CSRF protection, and Content Security Policy. Finally, you’ll learn how to create an HTTPS server. When you’re finished with this course, you’ll have the skills and knowledge of writing more secure Node.js and Express applications.

Introduction

3mins

Overview of Course Demo Application 3m

Injection Attacks

8mins

Validating Input with express-validator 3m
Sanitizing Input with express-validator 1m
What Can Go Wrong? XSS 1m
Using SQL Parameterized Queries to Prevent SQL Injection 2m
Never Use eval() with User Input 1m

Brute-force Attacks

2mins

Rate Limiting 2m
Setting Maximum Request Sizes 1m

Cross-site Request Forgery

4mins

How Cross-site Request Forgery Works 1m
Preventing CSRF Issues 4m

HTTPS

7mins

Securing Traffic with HTTPS 2m
Generating an SSL Certificate 2m
Creating an HTTPS Server in Node.js 1m
Redirecting HTTP requests to HTTPS 1m

Content Security Policy

7mins

Using Content-Security-Policy Headers 6m
Other Response Headers 1m

Package Management

4mins

Using npm audit to Check Packages for Vulnerabilities 2m
Using npm outdated to Check Package Versions 2m

About the author

Jon Friskics

Jon is an author, developer, and Pluralsight team member via Code School. Lately, he's been working on content and products that help authors create content efficiently. Prior to that, he worked for several years on interactive learning at Code School, and later helped bring that to Pluralsight as Interactive Content.

See more courses by Jon Friskics

Try for free

Get this course plus top-rated picks in tech skills and other popular topics.

$45.00

per month after 10 day trial

Your 10 day Premium free trial includes

Expanded library

This course and over 7,000+ additional courses from our full course library.

Hands-on library

Practice and apply knowledge faster in real-world scenarios with projects and interactive courses.

*Available on Premium only

For teams

Give up to 50 users access to our full library including this course free for 30 days

Course info

Level

Intermediate

Updated

Oct 4, 2024

Duration

37m

Ready to upskill? Get started

Contact Sales

Node.js: Application Security

What you'll learn

Table of contents

About the author

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Contact Sales

Node.js: Application Security

What you'll learn

Table of contents

About the author

Get access now

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Ready to skill up
your entire team?

Ready to skill up
your entire team?