This course aims to educate developers on common threats, vulnerabilities, and misconfigurations in JavaScript and cloud native applications. By participating in a live-hacking session, learners will understand how to identify and protect their applications from potential exploits. The course covers topics such as the state of open-source software, supply chain attacks, cybersecurity challenges, container security best practices, SDLC pipeline, defense in depth strategies, and actionable recommendations. The intended audience for this course includes cloud native application developers and individuals interested in enhancing their software security skills.
Stranger Danger - Your JavaScript Attack Surface Just Got Bigger
Overview
Syllabus
- Stream Start
- Introductions
- The State of OSS
- Examples of open source software attacks
- Supply chain attacks affect all ecosystems
- The iceberg
- Cybersecurity challenges in OSS
- Live Hacking
- What did we learn?
- Back to our iceberg
- What can go wrong with using Containers?
- What's the last layer of the iceberg
- The modern application
- SDLC Pipeline
- Defense in Depth
- Recommendations
- Useful resources
- Closing
Taught by
Snyk
