JavaScript and Node.js have shown themselves to be amazing platforms. Their sheer ease of use has empowered an entire community of creative individuals to build amazing things. Like in all cases, however, amongst the goodness lurk some risks. Nobody’s perfect, including Node.js and JavaScript, and a language’s strength can quickly translate to its vulnerability if looked through through an evil (or paranoid) lens.

I’ve given many talks about JavaScript security, looking to do my share in raising awareness and to keep our applications safer. Of those, my talk from the wonderful JSKongress went especially well. Check out the following edited-down version that is a great way to learn about the most common JS security pitfalls while enjoying a 20-minute live hacking session!

I hope you enjoyed the video! You can also check if your applications have known vulnerabilities by using Snyk on your project to test your dependencies. Sign up to test your code here.