SFNode Meetup at Capital One

Este evento já foi realizado

160 pessoas foram

A cada 1º Quinta-feira do mês.

Imagem do local do evento

Detalhes

SFNode comes to Capital One with two great returning speakers. Thomas Hunter II starts off Real World Attacks in the npm Ecosystem then we'll learn about Building VSCode Extensions with TypeScript by Erick Wendel. After that we'll close out the night with the usual assortment of activities: open mic and networking until 9pm.

Schedule
6:30pm - Doors Open
7:00pm - Real World Attacks in the npm Ecosystem - Thomas Hunter II
7:30pm - Building VSCode Extensions with TypeScript - Erick Wendel
8:00pm - Open Mic and Social Time
9:00pm - Doors close

Real World Attacks in the npm Ecosystem

In this talk we will examine some practical attacks against the npm package ecosystem. We will look at both theoretical attacks as well as attacks which have already happened.

The most recently publicized attack we’ll look at is the event-stream module. This will include a breakdown of functionality, why it was difficult to find, and why a static analysis tool will not protect from such an attack. We’ll also look at some other intentionally malicious modules like getcookies which have also been published.

We’ll also look at some theoretical attacks and incorporate research done by @ChALkeR and npm.

Content is based on these two posts of mine:
The Dangers of Malicious Modules
Compromised npm Package: event-stream

Talk will cite some research done by ChALkeR and npm:
https://github.com/ChALkeR/notes/blob/master/Gathering-weak-npm-credentials.md
https://medium.com/npm-inc/security-in-the-js-community-4bac032e553b

About Thomas Hunter II

Thomas is the author of Advanced Microservices and is a prolific public speaker with a passion for reducing complex problems into simple language and diagrams. His career includes working at Fortune 50's in the Midwest, co-founding a successful startup, and everything in between.

Building VSCode Extensions with TypeScript

Productivity, good project delivery, and Code review are words that can scare many software developers. Maybe because of the delivery time or project complexity. This talk will show you how to create visual studio code snippets, extensions, and tools using TypeScript. Attendees will learn how to be more productive and how to change their mindset to think focused on business less than only code :D

About Erick Wendel

Erick Wendel is a Speaker, Software Consultant and community Co-organizer in Brazil. Named by Microsoft as Most Valuable Professional, and by Google as Google Developer Expert, a specialist in Node.js and Javascript Applications. He is a Software Independent Architect who helps companies to make better and cheaper applications using Serverless architectures, Container based applications, and Hybrid Cloud solutions. He has experience speaking and teaching at the biggest conferences in Brazil and Americas, working as voluntary Leader of NodeBR, Javascript São Paulo and Nerdzão Communities.

Open mic
Open mic time give attendees 2-3 minutes of time to talk to the entire group. This is the time to debut a new project, announce upcoming events or let people know they're hiring.

Upcoming Events
• WaffleJs (http://wafflejs.com/)- First Wednesday of the month
• NodeSchool SF (http://nodeschool.io/sanfrancisco) - Last Saturday of the month
• NodeSchool Oakland (http://nodeschool.io/oakland) - Middle Saturday of the month