JavaScript Security: What You Need to Know to Write Secure Applications in JS

Thought you knew JavaScript security? Well, you don't. At least not as well as you thought you did. From CSRF to crypto, I'm going to teach you everything you absolutely must know to write secure JavaScript, especially web applications in particular, both front and backend. An emphasis will be put on teaching *practical* techniques and *best practices* that you can immediately go back to your company or organization and implement. Among the topics we will cover are preventing common and not-so-common but still critical vulnerabilities in JavaScript code, ranging from CSRF, command injection, improper password handling, broken authentication and authorization, bad cryptography, and more. We will also cover the best practices when attempting to write secure JavaScript code, on both the front and backend. From things like properly implementing user management schemes to as high-level as convincing your co-workers that security *does matter*, we will explore as much as possible in the time we have together. Best of all, you *don't have to have security experience*! Come as you are and dive into the intertwined worlds of JavaScript and security and learn how to write the most secure JavaScript and Node.JS applications of your life.