Episode 22: Secure JavaScript with npm with Adam Baldwin
Web Rush
English - March 05, 2019 08:00 - 49 minutes - 34.2 MB
Recording date: 2019-01-31
John Papa @John_Papa
Ward Bell @WardBell
Adam Baldwin @adam_baldwin
Resources:
Details about the Event Stream Incident
News about the Event Stream Incident
Greenkeeper.io
Package Locks
Snyk.io
npm Audit
Comparing npm audit with Snyk
Private Packages
Ways to Have Your Private npm Registry
The Rogue Gallery of Cybersecurity Bad Actors
FaceTime Audio Bug
Two Factor Authentication
HaveIBeenPwned
How Serverless Works to Manage HaveIBeenPwned
Someone to follow
@RachelTobac
@Fox0x01
@ReyBango
TroyHunt
@ManfredSteyer / Softwarearchitekt.at
@ShmuelaJ / NG-Girls.org
@JenLooper
Timejumps
00:57 Guest Introduction
02:23 JavaScript security in the news
05:29 Should we be worried about this happening again?
06:54 What's the best course of action when you see security warnings?
08:56 What is Greenkeeper?
10:18 Sponsor: NativeScript
10:52 Comparing npm audit and Snyk
14:33 What do people who want to have a corporate account do?
21:22 Using a real world example
24:08 Are there times where it can't figure out what to do?
26:16 Isn't there a way to just keep malware out of the registry?
28:22 Sponsor: IdeaBlade
29:23 What's a bad actor?
34:17 FaceTime group call bug
36:05 Recommended tips for security
39:34 What's the state of 2 factor auth?
42:31 When we pass software to clients, how can we secure things?
45:08 Someone to follow