Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, May 21 • 11:55 - 12:40
The Node.js Highway: Attacks Are At Full Throttle

Sign up or log in to save this to your schedule and see who's attending!

Node.js is the drive-and-go language and its popularity is soaring. Five years after its debut, and the language’s framework boasts more 2M downloads a month.

Before accelerating too quickly, it is important to understand the power – and corresponding mishaps – of this language.

In this talk, we demonstrate new attack techniques against applications built on top of the Node.js language.

Attacks include:

·        Application-layer DDoS attacks. Bringing a server to its knees with just 4(!) requests.

·        Password exposure attacks. Leveraging the “Forgot My Password” feature of applications in order to reveal the passwords of all the application’s users

·        Business logic attacks. Running malicious code on all machines of users of the applications when exploiting a weak business feature

Speakers
MS

Maty Siman

Checkmarx
Maty is the CTO and founder of Checkmarx. Maty has more than a decade of experience in software development, IT security and source-code analysis. Prior to founding Checkmarx, Maty worked for two years at the Israeli Prime Minister’s Office as a senior IT security expert and project manager. Prior to that, he spent six years with the Israel Defense Forces (IDF), where he established and led a development team in the IDF’s... Read More →


Thursday May 21, 2015 11:55 - 12:40
Room E106 & E107 Amsterdam RAI

Attendees (25)