Last week I had the pleasure of speaking at the first NDC Security Australia on the topic of Securing Single Page Applications.
This talk was an extension of a recent Pluralsight Play by Play that Troy Hunt collaborated on under the same topic.
The slides from the talk are available here.
In the talk I refer to this blog post about harvesting credit card details using npm packages and that you can use tools like Sonar, Retire.js and Snyk.io to track issues in your external dependencies.
I also talked about creating keyloggers in CSS, using this PoC, but I might write a bigger piece about that in the future.
I think this is a great talk, and a topic that is too often overlooked, so if you’d be interested in learning more get in touch and we’ll see if I can’t work out a time to present it again 😀.