Securing SPA's at NDC Security

Tuesday, May 22, 2018 1 minute read Tags: javascript speaking security pluralsight
Hey, thanks for the interest in this post, but just letting you know that it is over 3 years old, so the content in here may not be accurate.

Last week I had the pleasure of speaking at the first NDC Security Australia on the topic of Securing Single Page Applications.

This talk was an extension of a recent Pluralsight Play by Play that Troy Hunt collaborated on under the same topic.

The slides from the talk are available here.

In the talk I refer to this blog post about harvesting credit card details using npm packages and that you can use tools like Sonar, Retire.js and to track issues in your external dependencies.

I also talked about creating keyloggers in CSS, using this PoC, but I might write a bigger piece about that in the future.

I think this is a great talk, and a topic that is too often overlooked, so if you’d be interested in learning more get in touch and we’ll see if I can’t work out a time to present it again 😀.