Preventing SQL injection in Node.js (and other vulnerabilities)
Kelvin Gobo
The database is an essential part of a web application. It’s where you receive and store users’ data, which you can then use to provide personalized services. As such, database…
Browsing Category
Node.js
15 posts
How to debug memory leaks in a Node.js application on Heroku
Vladimir
Debugging memory leaks is rarely a piece of cake, especially when they only happen in production. The best way I’ve found to debug memory leaks in a Node.js application on…
Experimenting with remote debugging: Node.js runtime code injection
tl;dr Remote debugging is fun to play around with. This article describes a method to dynamically change the behavior of a running Node.js process by enabling the remote inspector interface…
Top 11 Node.js security best practices
Dawid Ziolkowski
Node.js is extremely popular nowadays, primarily as a backend server for web applications. However, in the world of microservices, you can find it pretty much everywhere, playing different and important…
Application security for GraphQL: how is it different?
GraphQL is one of the hottest topics in the API world right now. It provides an abstraction layer over more traditional HTTP communications, and has changed the way we build…
Building a native add-on for Node.js in 2019
Okay, but first: why the hell would you build a native add-on for Node.js? The Node.js/JavaScript ecosystem is the most popular in the world with more than 1 million packages…
State of Node.js Security 2017
Don Goodman-Wilson
A wake-up call It will be hard to escape 2017 without a new-found respect for the importance of application security. The Equifax breach, resulting from an exploit of a well-known…
Picking the best JS engine for your Node app’s performance
tl;dr Node.js is evolving right now. The recent Node.js v8 version (not to be mistaken with V8, the JavaScript engine) has just been published. In the meanwhile, the ChakraCore based…
Optimize your Node app by simply upgrading Node.js
tl;dr In January, I published an article on RisingStack’s blog. This article was an introduction to Node.js performance (and in V8 JavaScript Engine in general). Now it is time for…
Behind the Scenes: Building a Dynamic Instrumentation Agent for Node.js
TL;DR Building a dynamic instrumentation agent for Node.js is a complex challenge. At Sqreen, we provide a powerful security tool for development teams using Node.js. You will be able to…