Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Tuesday, June 28 • 09:00 - 17:00
Day 2/2 - Assessing and Securing MEAN (MongoDB, Express.js, Angular.js, and Node.js)

Sign up or log in to save this to your schedule and see who's attending!

MEAN is a free and open-source JavaScript software stack for building dynamic web sites and web applications and has gained momentum in the last years: 
- MongoDB, a NoSQL database 
- Express.js, a web application framework that runs on Node.js 
- Angular.js, a JavaScript MVC framework that runs in browser JavaScript engines developed by Google 
- Node.js, an execution environment for event-driven server-side and networking applications 
Every developer has heard of it and many organisations are moving their production applications to MEAN stack. 

This one day training will teach you how web application vulnerabilities change in the MEAN stack. We are going to explore these technologies and talk about the main issues you can encounter while either assessing or writing MEAN applications: 
1) Security Fundamentals and Implications of using MongoDB, Express.js Angular.js and Node.js 
2) OWASP Top 10 in MEAN 
3) Typical exploitation of MEAN and how to stop these attacks 
- NoSQL injections 
- Server-side JavaScript injections 

This course will be 50% hands-on using: 
- Secure Code Warrior (https://www.securecodewarrior.com), a platform where software developers use hands-on learning to build secure-coding skills and are benchmarked versus their peers. A month full access to the SCW platform is included in the training. 
- OWASP NodeGoat (https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project) 

Trainer
avatar for Jaap Karan

Jaap Karan

Chief Singh, Secure Code Warrior
Jaap is coder, hacker and Chief Singh at Secure Code Warrior in Australia. After having done security testing at BAE Systems in Australia, he moved back to building great things instead of breaking them. He is one of the brains behind the Secure Code Warrior platform, mainly focussing on backend development using Node, Express and Mongo.

Tuesday June 28, 2016 09:00 - 17:00
Bramante 14

Attendees (6)