Security is usually an afterthought but is an important part of building a production-ready app.
You're probably using plain vanilla Express. Fail. You're probably using a templating library like Underscore or Handlebars. Ha, sorry! You're probably only sanitizing user data. Nope, won't save you.
In this talk, I plan to identify even more anti-patterns and share best practices for securing your apps (focusing on Node.js and SPA libraries like backbone). I'll show actual security holes found in code and how you can patch them, too!
I hope to inspire others to care about security and take the extra step to secure their app and their users. Thanks!
being a sponsor?