What Your Scanner Doesn’t Tell You CAN Hurt You

Explore common security vulnerabilities in popular JavaScript frameworks that often go undetected by modern security scanners. Dive into a live demonstration of exploiting intentionally vulnerable applications built with Backbone.js, Angular.js, Ember.js, and Meteor.js. Learn about framework-specific security pitfalls developers should be aware of when working with client-side JavaScript. Gain insights into strengthening the security posture of JavaScript applications to contribute to a more secure internet. Access Github links to the vulnerable applications used in the presentation after the talk concludes. This 25-minute conference talk at JSConf EU 2015 by Anand Vemuri aims to raise awareness about the limitations of current JavaScript security scanners and empower developers to create more secure web applications.