NPM and the Node.js ecosystem have vastly changed the way modern software is built. Today, everyone use these tools. The real question is: "how is security handled in that ecosystem?".

Vladimir is one of the key individual in this ecosystem and will detail the security initiatives and process of the Node.js project. He will also go through recent security reports of Node.js and the ecosystem (including ESLint) to present what measures have been taken in reaction to them.


Vladimir de Turckheim
Software Engineer, Sqreen
Vladimir works as a software engineer at Sqreen where he builds a tool to secure web applications. He used to be a professional security auditor and a web developper in agencies. He is one of the most active members of the Node.js Security Working Group where he handles the security.

-

Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...