addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwchatcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgoogleimageimagesinstagramlinklocation-pinmagnifying-glassmailminusmoremuplabelShape 3 + Rectangle 1outlookpersonplusprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

Securing Modern Web Frameworks with Node.js

If you are interested in modern web application security or just interested in Node.js security, this meetup is definitely for you! Pizza and beer will be provided.

Please RSVP if you can make it.

Agenda

• Socialising -  6:30pm - 7:00pm  

• Presentation - 7:00pm - 8:00pm


Presentation

The presentation is aimed at software developers, QA engineers and pen-testers. It will cover the typical JavaScript gotchas, potential server misconfigurations and other attacks that are common in all web application frameworks. The focus of the presentation is to educate developers and testers on security vulnerabilities in web applications with an emphasis on how they apply to a real world example application utilising the hipster stack (mean.io).


The presentation will cover:

• Injection attacks with MongoDB

• XSS becoming harder to mitigate

• Session management with JWT

• Framework/Library hardening

• JavaScript language issues

• Session management

• Code analysis tools

• ...and more!


About the speakers

Julian Berton

Julian has a background in software development and spent the last three years working on web development and application security projects. He has since pursued his passion for information security where he is now employed as a security consultant. Julian is also an OWASP Melbourne chapter lead. In his spare time he founded a security meetup group called Melbourne Security Hub, enjoys rock climbing, mining crypto currencies and attending various meetups.

John Bird

John spends his daytime hours as a principle software engineer working at CA Technologies. The evening and early morning hours are used to study anything and everything in computer security. John also enjoys opening up electronics gear to try and figure out how it ticks and if it can be repurposed. He has presented at Ruxmon and Ruxcon conference.


Location

The York Butter Factory is the co-working space for Melbourne's high-potential digital and web entrepreneurs. Home to some of Australia's top Startups. More info: http://yorkbutterfact­ory.com/


Access

If you are locked out or having issues finding the place, call us and we will guide you :)

• Serge (serg [at] owasp [dot] org)[masked]

• Julian (julian [dot] berton [at] owasp [dot]] org)[masked]

Sponsor

Loop Consulting is an Australian owned and operated business with offices in Sydney, Melbourne and Brisbane specialising in providing high quality security consulting services. Loop's service offering includes: Governance, risk and compliance; Security assurance - web and mobile applications, infrastructure, wireless as well as code reviews, social engineering and physical security; PCI-DSS services; and Incident response and forensics.


Hope to see you all there!

Join or login to comment.

  • Julian B.

    Slides can be found here:

    https://docs.google.com/file/d/0B2helxocEfixUHJseXhyUlRYNTQ

    Video will be available shortly once i figure out how to edit it :)

    Glad you enjoyed it! Feedback is very welcome. Also please send us topics that would be of interest and we will do our best to find speakers!

    3 · June 20, 2014

  • A former member
    A former member

    Thank you for a great talk. Very interested in the Security 101 idea as well!

    June 20, 2014

  • Moiz

    Very good presentation. Keep it up guys !!!
    Can you please share the slides.

    1 · June 20, 2014

  • Robert

    Was informative. I look forward to the security 101 idea, if it goes through

    1 · June 20, 2014

  • Marcel

    Great meet up, really enjoyed it, look forward to going through the slide pack and investigating all those services! Thanks.

    1 · June 19, 2014

37 went

Our Sponsors

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy