The Node.js Security Ecosystem
Chaptering and links to content

00:00 - Cloud Security Lounge
04:15 - Introduction - what is node.js and what we'll be doing today
06:26 - Level setting by Michael - why is this important?
07:15 - Are we talking about JS in a headless browser?
08:15 - Frontend to backend - is node.js the continuum?
09:40 - The difference in mindset between frontend and backend - security-wise
12:24 - Node.js has had security as a core value since the beginning
13:30 - Node.js publishes its threat model as a triage step for security vulnerability reports
14:05 - There's no easy way to triage and consume security vulnerability reports
16:30 - The trust boundaries of node.js
17:33 - Best practices document supplements the threat model by suggesting mitigations for common vulnerable patterns
18:25 - OSSF Criticality Score and Scorecard
21:15 - Vulnerabilities that are NOT 3rd party - what's the fix process?
24:30 - The personas behind the fixing process - Fixers and Releasers
24:58 - Bug Bounty!
25:58 - Security Stewards
28:00 - Things that didn't work in the process of fixing issues and creating releases
32:00 - How to join the effort and help out
34:50 - You don't need to be a Node expert to help
35:00 - Third Party Risk and Supply Chain Security
39:45 - How Node looks at the future of supply chain issues
45:00 - Guarddog Demo
49:00 - Adding tooling to your CI/CD to elevate assurance
52:40 - Upcoming - the permission model of node.js - one more layer of control
57:16 - In closing and Call To Action

Node.js security guidelines and threat model: https://github.com/nodejs/node/blob/m...
Node.js security best practices: https://nodejs.org/en/docs/guides/sec...
Datadog Guarddog: https://github.com/DataDog/guarddog
"The Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks" by Marc Ohm, Henrik Plate, Arnold Sykosch and Michael Meier, in the proceedings of the International Conference on Detection of Intrusions and Malware and Vulnerability Assessment, 2020