Dive into a hands-on JavaScript and cloud native live-hacking session in this 52-minute SnykLIVE recording. Explore common threats, vulnerabilities, and misconfigurations in modern JavaScript application development, which now encompasses open-source dependencies, containerization, and cloud infrastructure. Learn about supply chain attacks, cybersecurity challenges in open-source software, and potential issues with containers. Witness live hacking demonstrations and gain insights into protecting your applications through actionable remediation strategies and best practices. Discover the concept of Defense in Depth and receive valuable recommendations for securing your development pipeline. Access useful resources and links to further enhance your understanding of JavaScript security in the cloud native era.
Stranger Danger - Your JavaScript Attack Surface Just Got Bigger
Overview
Syllabus
- Stream Start
- Introductions
- The State of OSS
- Examples of open source software attacks
- Supply chain attacks affect all ecosystems
- The iceberg
- Cybersecurity challenges in OSS
- Live Hacking
- What did we learn?
- Back to our iceberg
- What can go wrong with using Containers?
- What's the last layer of the iceberg
- The modern application
- SDLC Pipeline
- Defense in Depth
- Recommendations
- Useful resources
- Closing
Taught by
Snyk
