Software Integrity Blog

 

[Webinars] DoS attacks in Node.js, SAST in DevSecOps

Learn how to protect Node.js apps against denial-of-service attacks, and how to integrate static application security testing into DevSecOps pipelines.

Watch our webinar on DoS attacks in Node.js

This DoS Goes Loop-di-Loop

Do you know the common ways Node.js applications may be vulnerable to denial-of-service attacks?

The single-threaded nature of Node.js makes it very susceptible to DoS attacks. While the Node.js event loop allows you to perform some operations asynchronously, it’s still quite easy to write a vulnerable Node.js application by making a few simple mistakes.

In this talk, we’ll cover some common ways a Node.js application may be vulnerable to DoS attacks and some common best practices and countermeasures to defend against such attacks.

What: This DoS Goes Loop-di-Loop

When: Available on demand

Who: Allon Mureinik, Senior Manager, Synopsys

Watch now


Register for our webinar on SAST in DevSecOps

5 Steps to Integrate SAST Into the DevSecOps Pipeline

Even software with a solid architecture and design can harbor vulnerabilities, whether due to mistakes or shortcuts. But limited security staff don’t have the resources to perform code reviews and provide remediation guidance on the entire application portfolio. Static analysis, also known as static application security testing (SAST), is an automated way to find bugs, back doors, and other code-based vulnerabilities so the team can mitigate those risks.

First, though, you must choose a static analysis model that fits your needs. You might have questions such as these:

  • How do I manage false positives?
  • How do I triage the results?
  • What happens to new issues identified?
  • My scan takes hours to complete. How can I use this tool in my DevSecOps pipeline?
  • What is a “baseline scan”?

Join us as we walk you through the challenges and benefits of integrating a SAST tool into your DevSecOps pipeline and how we’ve helped other organizations with this process.

What: 5 Steps to Integrate SAST Into the DevSecOps Pipeline

When: Available on demand

Who: Meera Rao, Senior Principal Consultant, Synopsys

Watch now

 

More by this author