Securing Node.js APIs with Decentralised Identity Tokens

Mohammad Shahbaz Alam

Modern GraphQL API Security Testing 

Automated Application Security Testing 

Scott Gerlach

Mock Service Worker 2.0

Artem Zakharchenko

Safely Handling Dynamic Data with TypeScript

Ethan Arrowood

TestJS Summit

TestJS Summit 2023

It's been half a decade since Mock Service Worker (MSW) has changed the way developers approach and think of API mocking in JavaScript. With all its innovation, I felt we could do more. I spent the last year making that happen. I can't wait to share it with all of you!

GraphQL Galaxy

GraphQL Galaxy 2022

With StackHawk, engineering teams can run security tests against GraphQL APIs to find and fix vulnerabilities before they hit production. With automated testing on every PR, you can be confident that your app is secure. Join StackHawk co-founder and Chief Security Officer Scott Gerlach for a quick overview of GraphQL security testing with StackHawk.

React Summit

React Summit 2022

Traditional security testing for JS apps has focused on the front-end, but actual security issues most often lie in the backing REST API. Join StackHawk co-founder Scott Gerlach for a quick overview of why you need to rethink how you test your JS apps and how StackHawk can help you find and fix security bugs fast.

TestJS Summit 2021

With StackHawk, engineering teams can run security tests against JS applications and the backing APIs to find and fix vulnerabilities faster. With automated testing on every PR, you can be confident that your app is secure. Join StackHawk co-founder Scott Gerlach for a quick overview of JS application security testing with StackHawk. <a href="https://www.froala.com/wysiwyg-editor?pb=1"> </a>

Node Congress

Node Congress 2021

TypeScript makes JavaScript safer adding static type definitions. Static definitions are wonderful; they prevent developers from making trivial mistakes ensuring every assignment and invocation is done correctly. A variable typed as a string cannot be assigned a number, and a function expecting three arguments cannot be called with only two. These definitions only exist at build time though; the code that is eventually executed is just JavaScript. But what about the response from an API request? In this talk Ethan Arrowood, Software Engineer 2 @ Microsoft, he will cover various solutions for safely typing dynamic data in TypeScript applications. This talk features popular technologies such as Fastify, JSON Schema, Node.js, and more! <a href="https://www.froala.com/wysiwyg-editor?pb=1"> </a>

JSNation Live

JSNation Live 2021

Authentication and Authorization are serious problems. We often dedicate a lot of time to craft powerful APIs but overlook proper security measures. Let's solve it with Magic using a key-based identity solution built on top of DID standard, where users’ identities are self-sovereign leveraging blockchain public-private key pairs. In this talk, we’ll look at proper ways to secure our Node.js APIs with Decentralised Identity Tokens. We’ll go from learning what Decentralised Identity standards are, how the users’ identities are self-sovereign leveraging blockchain public-private key pairs, why they’re the future of API security, and to put theory into practice we will build a real-world implementation using Node.js where I’ll show common best practices. <a href="https://www.froala.com/wysiwyg-editor?pb=1"> </a>

#api security