Email the Author
You can use this page to email Liran Tal about Essential Node.js Security.
About the Book
This book is intended to be a hands-on thorough guide for securing web applications based on Node.js and the Express web application framework. Many of the concepts, tools and practices in this book are primarily based on open source libraries and the author leverages these projects and highlights them.
The main objective of the book is to equip the reader with practical solutions to real world problems, and so this book is heavily saturated with source code examples as well as a high level description of the risks involved with any security topic, and the practical solution to prevent or mitigate it.
Even though Express is chosen as the case for web application framework, many concepts in this book can, and should be taken into account, and implemented with any other framework. Concepts like secure code, nosql injections, secure session management, and others are important security topics and would benefit any Node.js developer whose primary focus is web development.
About the Author
Liran Tal is an award-winning software developer, security researcher, and open source champion in the JavaScript community. He's an internationally recognized GitHub Star, acknowledged for his open source advocacy, and has received the OpenJS Foundation's Pathfinder for Security for his work on Node.js security. His contributions to developer security education include leading OWASP projects, building supply chain security tools, participation in CNCF and OpenSSF initiatives, and authoring books such as O'Reilly's Serverless Security. He leads the developer advocacy team at Snyk.io and is on a mission to empower developers with better application security skills.