Overview
Learn essential strategies for protecting Node.js applications from Denial of Service (DoS) attacks in this conference talk from Conf42 JS 2024. Explore common vulnerabilities specific to Node.js applications, including JSON parsing issues, XML bombs, the Billion Laughs attack, and regex backtracking problems. Discover the critical differences between synchronous and asynchronous storage operations and their impact on application security. Master practical techniques for identifying, preventing, and mitigating various types of DoS attacks through detailed examples and real-world scenarios. Walk away with actionable insights and key security practices to implement robust DoS protection in Node.js applications.
Syllabus
Introduction and Welcome
Understanding DoS Attacks
Node.js Application Vulnerabilities
JSON Parsing Vulnerabilities
XML Bombs and Billion Laughs Attack
Regex Backtracking Vulnerabilities
Synchronous vs Asynchronous Storage Operations
Conclusion and Key Takeaways
Taught by
Conf42