Securing SPA's at NDC Security

Tuesday, May 22, 2018 1 minute read Tags: javascript speaking security pluralsight
Hey, thanks for the interest in this post, but just letting you know that it is over 3 years old, so the content in here may not be accurate.

Last week I had the pleasure of speaking at the first NDC Security Australia on the topic of Securing Single Page Applications.

This talk was an extension of a recent Pluralsight Play by Play that Troy Hunt collaborated on under the same topic.

The slides from the talk are available here.

In the talk I refer to this blog post about harvesting credit card details using npm packages and that you can use tools like Sonar, Retire.js and Snyk.io to track issues in your external dependencies.

I also talked about creating keyloggers in CSS, using this PoC, but I might write a bigger piece about that in the future.

I think this is a great talk, and a topic that is too often overlooked, so if you’d be interested in learning more get in touch and we’ll see if I can’t work out a time to present it again 😀.