JSFoo Coimbatore 2019
JSFoo

JSFoo Coimbatore 2019

On building faster, performant and secure web applications

About JSFoo Coimbatore

JSFoo Coimbatore is a single-day conference with talks, Birds of Feather (BOF) sessions and speaker connect sessions. The conference will be held on Friday, 5 July, at Dr.G.R.Damodaran College of Science, Coimbatore.

JSFoo Coimbatore features talks on:

  1. How to secure your web applications by identifying vulnerabilities.
  2. Leveraging Web Application Vulnerabilities for Resourceful Intelligence Gathering.
  3. Case studies of performance improvements and using the modular approach to building front-ends.
  4. Node.js and good engineering practices such as logging, debugging and integrating security into your applications.
  5. WebSDK: switching between service providers on the fly.

Speakers from Hotstar, Uber, HackerRank, Chained Ventures, Tezify, Appsecco, Gramener, and Centre for Internet and Society (CIS) will present case studies and experiential talks which will help JavaScript, full stack and front-end engineers among partcipants to build faster, secure and performant we applications.

JSFoo Coimbatore 2019 sponsors:

Gold Sponsor
MockFlow

Bronze Sponsor
Hasura ThoughtWorks

Community Sponsor
PSG Software Technologies

Venue Partner
Dr GR Damodaran College of Science

For inquiries on tickets and sponsorships, call the JSFoo Coimbatore team on 7676332020 or write to us on info@hasgeek.com

Hosted by

JSFoo
JSFoo
JSFoo is a forum for discussing UI engineering; fullstack development; web applications engineering, performance, security and design; accessibility; and latest developments in #JavaScript. Follow JSFoo on Twitter more
All submissions
PreviousNext

Abilash Rajasekaran

Secure web application - Hands on workshop

Submitted Apr 22, 2019

Technical level: Intermediate

In this workshop we will be using the Damn Vulnerable NodeJS Application(DVNA) to demonstrate the OWASP top ten vulnerabilities. Initially participants will try to exploit, then understand and fix the vulnerability. We will use Kali linux to demostrate how to scan and find some of the vulnerabilities. If time permits we will try to explain, how to build secure containerized application and setting up CI/CD scanner.

Outline

Steps for every vulnerability:
1. Exploit
2. Understand
3. Fix

Below vulnerabilities will be covered
1. SQL and command Injection
2. Broken Authentication
3. Sensitive Data Exposure
4. XML External Entities
5. Broken Access Control
6. Security Misconfiguration
7. Cross-Site Scripting (XSS)
8. Insecure Deserialization
9. Using Components with Known Vulnerabilities
10. Cross Site Request Forgery
11. Unvaidated Redirects and Forwards

If Kali linux installed - participants will get to know how to scan the possible vulnerability.

If time permits - hands on or else just demonstration for the below:
1. Securing Containerized application
2. Setting up security scanner pipeline in CI/CD

Requirements

Must have:
Laptops - Installed docker

Nice to have(not mandatory):
Kali linux(VM/OS)

Speaker bio

We are group of Thoughtworks, extensively using Nodejs application. Below are the links to speakers profile in LinkedIn
https://www.linkedin.com/in/ramakrishnan-kandasamy-8020a037
https://www.linkedin.com/in/ssharanya
https://www.linkedin.com/in/abdulkaderjeelani
https://www.linkedin.com/in/abilash-rajasekaran

Links

Slides

https://appsecco.com/books/dvna-developers-security-guide/intro.html

All submissions

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

PreviousNext

Sreenadh S

Developing End-to-End IoT Applications Using Javascript

Javascript has become more popular now and its being used on all platforms and devices. In this talk, We will answer How Javascript can be used effectively for devloping end to end IoT Applications, not just for prototype? more

22 Apr 2019