Protecting my Node.js project of dependency confusion attacks
Having a private registry as part of a stack is getting a popular trend due to the benefits that it brings to your organization. But a misconfigured registry can open the door to malicious individuals. This talk is about how to secure a Node.js project from dependency confusions and other possible attacks using a Verdaccio registry as proof of concept.
Juan Picado
Senior Front-End Engineer at eBay Classifieds Group based in Berlin, building front-ends for classifieds like Kijiji Autos in Canada. He is a passionate JavaScript engineer, contributes to open source almost every day and is the lead maintainer of Verdaccio (mostly in his spare time). His goal is to help the Node.js ecosystem to keep a free and open private registry accessible for all developers.
Смотрите видео Protecting my Node.js project of dependency confusion attacks онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь DevSecCon 22 Апрель 2021, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 1,473 раз и оно понравилось 18 людям.