ºÝºÝߣshows by User: LiranTal1 / http://www.slideshare.net/images/logo.gif ºÝºÝߣshows by User: LiranTal1 / Wed, 12 Oct 2022 11:41:33 GMT ºÝºÝߣShare feed for ºÝºÝߣshows by User: LiranTal1 Snyk Intro - Developer Security Essentials 2022 /slideshow/snyk-intro-developer-security-essentials-2022/253516875 snykintro-developersecurityessentials2022v2-lirantal-221012114133-71109217
Overwhelmed with security issues in your Node.js applications? Not entirely sure how to write secure code? Join us in this workshop where you’ll learn how to improve security without being a security professional. We’ll use Snyk Code’s VS Code extension to catch and find security issues while you code, automatically fix security issues in your open source libraries, and see first-hand how to weaponize vulnerabilities to exploit working Node.js applications. You will also learn about the multiple ways of using Snyk to secure your projects, from the CLI, to CI/CD pipelines with GitHub Actions, and extend your know from secure code and secure dependencies to that of building secure containers to your Node.js apps on Docker. ]]>
Overwhelmed with security issues in your Node.js applications? Not entirely sure how to write secure code? Join us in this workshop where you’ll learn how to improve security without being a security professional. We’ll use Snyk Code’s VS Code extension to catch and find security issues while you code, automatically fix security issues in your open source libraries, and see first-hand how to weaponize vulnerabilities to exploit working Node.js applications. You will also learn about the multiple ways of using Snyk to secure your projects, from the CLI, to CI/CD pipelines with GitHub Actions, and extend your know from secure code and secure dependencies to that of building secure containers to your Node.js apps on Docker. ]]> Wed, 12 Oct 2022 11:41:33 GMT /slideshow/snyk-intro-developer-security-essentials-2022/253516875 LiranTal1@slideshare.net(LiranTal1) Snyk Intro - Developer Security Essentials 2022 LiranTal1 Overwhelmed with security issues in your Node.js applications? Not entirely sure how to write secure code? Join us in this workshop where you’ll learn how to improve security without being a security professional. We’ll use Snyk Code’s VS Code extension to catch and find security issues while you code, automatically fix security issues in your open source libraries, and see first-hand how to weaponize vulnerabilities to exploit working Node.js applications. You will also learn about the multiple ways of using Snyk to secure your projects, from the CLI, to CI/CD pipelines with GitHub Actions, and extend your know from secure code and secure dependencies to that of building secure containers to your Node.js apps on Docker. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/snykintro-developersecurityessentials2022v2-lirantal-221012114133-71109217-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Overwhelmed with security issues in your Node.js applications? Not entirely sure how to write secure code? Join us in this workshop where you’ll learn how to improve security without being a security professional. We’ll use Snyk Code’s VS Code extension to catch and find security issues while you code, automatically fix security issues in your open source libraries, and see first-hand how to weaponize vulnerabilities to exploit working Node.js applications. You will also learn about the multiple ways of using Snyk to secure your projects, from the CLI, to CI/CD pipelines with GitHub Actions, and extend your know from secure code and secure dependencies to that of building secure containers to your Node.js apps on Docker.
Snyk Intro - Developer Security Essentials 2022 from Liran Tal
]]> 744 0 https://cdn.slidesharecdn.com/ss_thumbnails/snykintro-developersecurityessentials2022v2-lirantal-221012114133-71109217-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Stranger Danger - Finding vulnerabilities before they find you - Liran Tal 2021 /slideshow/stranger-danger-finding-vulnerabilities-before-they-find-you-liran-tal-2021/244484795 strangerdangershort30min-lirantal-2021-210316065053
Open-source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it. ]]>
Open-source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it. ]]> Tue, 16 Mar 2021 06:50:53 GMT /slideshow/stranger-danger-finding-vulnerabilities-before-they-find-you-liran-tal-2021/244484795 LiranTal1@slideshare.net(LiranTal1) Stranger Danger - Finding vulnerabilities before they find you - Liran Tal 2021 LiranTal1 Open-source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/strangerdangershort30min-lirantal-2021-210316065053-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Open-source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user&#39;s data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we&#39;ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.
Stranger Danger - Finding vulnerabilities before they find you - Liran Tal 2021 from Liran Tal
]]> 38 0 https://cdn.slidesharecdn.com/ss_thumbnails/strangerdangershort30min-lirantal-2021-210316065053-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 OWASP Workshop: Docker Image Security Best Practices by Liran Tal - January 2020 /slideshow/owasp-workshop-docker-image-security-best-practices-by-liran-tal-january-2020/223509724 owaspworkshop-securingcontainersbybreakingin-lirantal-2019-200123133608
OWASP Workshop: Docker Image Security Best Practices ]]>
OWASP Workshop: Docker Image Security Best Practices ]]> Thu, 23 Jan 2020 13:36:08 GMT /slideshow/owasp-workshop-docker-image-security-best-practices-by-liran-tal-january-2020/223509724 LiranTal1@slideshare.net(LiranTal1) OWASP Workshop: Docker Image Security Best Practices by Liran Tal - January 2020 LiranTal1 OWASP Workshop: Docker Image Security Best Practices <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/owaspworkshop-securingcontainersbybreakingin-lirantal-2019-200123133608-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> OWASP Workshop: Docker Image Security Best Practices
OWASP Workshop: Docker Image Security Best Practices by Liran Tal - January 2020 from Liran Tal
]]> 38 0 https://cdn.slidesharecdn.com/ss_thumbnails/owaspworkshop-securingcontainersbybreakingin-lirantal-2019-200123133608-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 The State of Open Source Security - Liran Tal - 2019 NodeJS+Interactive Montreal /slideshow/the-state-of-open-source-security-liran-tal-2019-nodejsinteractive-montreal/206575208 thestateofopensourcesecurity-lirantal-2019nodeinteractive-191217025252
Open source security affects everything from software supply chain attacks in package managers to container security which revealed in a recent study that the top ten most popular Docker images contain at least 30 vulnerable system libraries. In this session we will further explore the security posture of open source maintainers and deep characteristics of application dependencies across language ecosystems, with stories from the Node.js and npm ecosystem. ]]>
Open source security affects everything from software supply chain attacks in package managers to container security which revealed in a recent study that the top ten most popular Docker images contain at least 30 vulnerable system libraries. In this session we will further explore the security posture of open source maintainers and deep characteristics of application dependencies across language ecosystems, with stories from the Node.js and npm ecosystem. ]]> Tue, 17 Dec 2019 02:52:52 GMT /slideshow/the-state-of-open-source-security-liran-tal-2019-nodejsinteractive-montreal/206575208 LiranTal1@slideshare.net(LiranTal1) The State of Open Source Security - Liran Tal - 2019 NodeJS+Interactive Montreal LiranTal1 Open source security affects everything from software supply chain attacks in package managers to container security which revealed in a recent study that the top ten most popular Docker images contain at least 30 vulnerable system libraries. In this session we will further explore the security posture of open source maintainers and deep characteristics of application dependencies across language ecosystems, with stories from the Node.js and npm ecosystem. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/thestateofopensourcesecurity-lirantal-2019nodeinteractive-191217025252-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Open source security affects everything from software supply chain attacks in package managers to container security which revealed in a recent study that the top ten most popular Docker images contain at least 30 vulnerable system libraries. In this session we will further explore the security posture of open source maintainers and deep characteristics of application dependencies across language ecosystems, with stories from the Node.js and npm ecosystem.
The State of Open Source Security - Liran Tal - 2019 NodeJS+Interactive Montreal from Liran Tal
]]> 85 0 https://cdn.slidesharecdn.com/ss_thumbnails/thestateofopensourcesecurity-lirantal-2019nodeinteractive-191217025252-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019 /slideshow/securing-containers-by-breaking-in-liran-tal-devseccon-tel-aviv-2019/191063160 securingcontainersbybreakingin-lirantal-2019-191106150455
There’s no better way to understand container security than seeing some live hacking! This sessions explains and distinguishes the security concern of each layer in the container stack by actually exploiting each layer. We’ll take on Kubernetes itself, the Kubernetes configuration, the container engine (sandbox escaping), OS dependencies in your images, and of course your application dependencies. Each successful hack will help you better understand the mistakes you can make, their implications, and how you can avoid them.]]>
There’s no better way to understand container security than seeing some live hacking! This sessions explains and distinguishes the security concern of each layer in the container stack by actually exploiting each layer. We’ll take on Kubernetes itself, the Kubernetes configuration, the container engine (sandbox escaping), OS dependencies in your images, and of course your application dependencies. Each successful hack will help you better understand the mistakes you can make, their implications, and how you can avoid them.]]> Wed, 06 Nov 2019 15:04:55 GMT /slideshow/securing-containers-by-breaking-in-liran-tal-devseccon-tel-aviv-2019/191063160 LiranTal1@slideshare.net(LiranTal1) Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019 LiranTal1 There’s no better way to understand container security than seeing some live hacking! This sessions explains and distinguishes the security concern of each layer in the container stack by actually exploiting each layer. We’ll take on Kubernetes itself, the Kubernetes configuration, the container engine (sandbox escaping), OS dependencies in your images, and of course your application dependencies. Each successful hack will help you better understand the mistakes you can make, their implications, and how you can avoid them. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/securingcontainersbybreakingin-lirantal-2019-191106150455-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> There’s no better way to understand container security than seeing some live hacking! This sessions explains and distinguishes the security concern of each layer in the container stack by actually exploiting each layer. We’ll take on Kubernetes itself, the Kubernetes configuration, the container engine (sandbox escaping), OS dependencies in your images, and of course your application dependencies. Each successful hack will help you better understand the mistakes you can make, their implications, and how you can avoid them.
Securing containers by Breaking In - Liran Tal - DevSecCon Tel Aviv 2019 from Liran Tal
]]> 131 0 https://cdn.slidesharecdn.com/ss_thumbnails/securingcontainersbybreakingin-lirantal-2019-191106150455-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Black Clouds and Silver Linings in Node.js Security - Liran Tal Snyk OWASP Global AppSec /slideshow/black-clouds-and-silver-linings-in-nodejs-security-liran-tal-snyk-owasp-global-appsec/157945314 black-clouds-silver-linings-in-nodejs-security-snyk-owasp-appsec-il-190725223242
With a great ecosystem, comes great responsibility, and application security is not one to wave off. Let’s review some black clouds of security horror stories in the Node.js ecosystem, and learn how to mitigate them to build secure JavaScript and Node.js applications. ]]>
With a great ecosystem, comes great responsibility, and application security is not one to wave off. Let’s review some black clouds of security horror stories in the Node.js ecosystem, and learn how to mitigate them to build secure JavaScript and Node.js applications. ]]> Thu, 25 Jul 2019 22:32:42 GMT /slideshow/black-clouds-and-silver-linings-in-nodejs-security-liran-tal-snyk-owasp-global-appsec/157945314 LiranTal1@slideshare.net(LiranTal1) Black Clouds and Silver Linings in Node.js Security - Liran Tal Snyk OWASP Global AppSec LiranTal1 With a great ecosystem, comes great responsibility, and application security is not one to wave off. Let’s review some black clouds of security horror stories in the Node.js ecosystem, and learn how to mitigate them to build secure JavaScript and Node.js applications. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/black-clouds-silver-linings-in-nodejs-security-snyk-owasp-appsec-il-190725223242-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> With a great ecosystem, comes great responsibility, and application security is not one to wave off. Let’s review some black clouds of security horror stories in the Node.js ecosystem, and learn how to mitigate them to build secure JavaScript and Node.js applications.
Black Clouds and Silver Linings in Node.js Security - Liran Tal Snyk OWASP Global AppSec from Liran Tal
]]> 108 2 https://cdn.slidesharecdn.com/ss_thumbnails/black-clouds-silver-linings-in-nodejs-security-snyk-owasp-appsec-il-190725223242-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Liran tal Stranger Danger Security vulnerabilities - Negev Web Developers meetup 2019 /slideshow/liran-tal-stranger-danger-security-vulnerabilities-negev-web-developers-meetup-2019/156088285 lirantal-strangerdanger-meetup-190717113132
Open source security vulnerabilities session about npm, JavaScript and Node.js]]>
Open source security vulnerabilities session about npm, JavaScript and Node.js]]> Wed, 17 Jul 2019 11:31:32 GMT /slideshow/liran-tal-stranger-danger-security-vulnerabilities-negev-web-developers-meetup-2019/156088285 LiranTal1@slideshare.net(LiranTal1) Liran tal Stranger Danger Security vulnerabilities - Negev Web Developers meetup 2019 LiranTal1 Open source security vulnerabilities session about npm, JavaScript and Node.js <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/lirantal-strangerdanger-meetup-190717113132-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Open source security vulnerabilities session about npm, JavaScript and Node.js
Liran tal Stranger Danger Security vulnerabilities - Negev Web Developers meetup 2019 from Liran Tal
]]> 66 2 https://cdn.slidesharecdn.com/ss_thumbnails/lirantal-strangerdanger-meetup-190717113132-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Liran Tal - StrangerDanger - Finding Security Vulnerabilities Before They Find You - Voxxed Days Frontend Bucharest 2019 /slideshow/liran-tal-strangerdanger-finding-security-vulnerabilities-before-they-find-you-voxxed-days-frontend-bucharest-2019/147401364 lirantal-strangerdanger-voxxedfrontend-bucharest2019-190524084136
Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user’s data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.]]>
Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user’s data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.]]> Fri, 24 May 2019 08:41:36 GMT /slideshow/liran-tal-strangerdanger-finding-security-vulnerabilities-before-they-find-you-voxxed-days-frontend-bucharest-2019/147401364 LiranTal1@slideshare.net(LiranTal1) Liran Tal - StrangerDanger - Finding Security Vulnerabilities Before They Find You - Voxxed Days Frontend Bucharest 2019 LiranTal1 Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user’s data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/lirantal-strangerdanger-voxxedfrontend-bucharest2019-190524084136-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user’s data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.
Liran Tal - StrangerDanger - Finding Security Vulnerabilities Before They Find You - Voxxed Days Frontend Bucharest 2019 from Liran Tal
]]> 171 1 https://cdn.slidesharecdn.com/ss_thumbnails/lirantal-strangerdanger-voxxedfrontend-bucharest2019-190524084136-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Node.js security - JS Day Italy 2018 /LiranTal1/nodejs-security-js-day-italy-2018 node-180511073721
Node.js and JavaScript adoption is high and application security plays a big part in shipping your products in the midst of cyber security threats. We will deep-dive into practical Node.js security measures which you can easily implement in your current projects. Covering topics such as OWASP Top 10 vulnerabilities, Secure Code Guidelines, Leveraging recommended npm libraries, Hardening ExpressJS, and Secure Dependencies Management with CI/CD integration.]]>
Node.js and JavaScript adoption is high and application security plays a big part in shipping your products in the midst of cyber security threats. We will deep-dive into practical Node.js security measures which you can easily implement in your current projects. Covering topics such as OWASP Top 10 vulnerabilities, Secure Code Guidelines, Leveraging recommended npm libraries, Hardening ExpressJS, and Secure Dependencies Management with CI/CD integration.]]> Fri, 11 May 2018 07:37:21 GMT /LiranTal1/nodejs-security-js-day-italy-2018 LiranTal1@slideshare.net(LiranTal1) Node.js security - JS Day Italy 2018 LiranTal1 Node.js and JavaScript adoption is high and application security plays a big part in shipping your products in the midst of cyber security threats. We will deep-dive into practical Node.js security measures which you can easily implement in your current projects. Covering topics such as OWASP Top 10 vulnerabilities, Secure Code Guidelines, Leveraging recommended npm libraries, Hardening ExpressJS, and Secure Dependencies Management with CI/CD integration. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/node-180511073721-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Node.js and JavaScript adoption is high and application security plays a big part in shipping your products in the midst of cyber security threats. We will deep-dive into practical Node.js security measures which you can easily implement in your current projects. Covering topics such as OWASP Top 10 vulnerabilities, Secure Code Guidelines, Leveraging recommended npm libraries, Hardening ExpressJS, and Secure Dependencies Management with CI/CD integration.
Node.js security - JS Day Italy 2018 from Liran Tal
]]> 143 1 https://cdn.slidesharecdn.com/ss_thumbnails/node-180511073721-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Node.js Security - XSS, Vulnerable Dependencies, Snyk, OWASP /slideshow/nodejs-security-xss-vulnerable-dependencies-snyk-owasp/83467106 node-171206075402
Liran is leading the core team for the MEAN.js JavaScript framework. He recently published Essential Node.js Security. Passionate about Open Source since an early age, he is continuously contributing to many projects on GitHub around Node.js, JavaScript, Docker, and Security. Being an avid supporter and contributor to the open source movement, in 2007 Liran has redefined network RADIUS management by establishing daloRADIUS, a world-recognized and industry-leading open source project (http://www.daloradius.com).]]>
Liran is leading the core team for the MEAN.js JavaScript framework. He recently published Essential Node.js Security. Passionate about Open Source since an early age, he is continuously contributing to many projects on GitHub around Node.js, JavaScript, Docker, and Security. Being an avid supporter and contributor to the open source movement, in 2007 Liran has redefined network RADIUS management by establishing daloRADIUS, a world-recognized and industry-leading open source project (http://www.daloradius.com).]]> Wed, 06 Dec 2017 07:54:02 GMT /slideshow/nodejs-security-xss-vulnerable-dependencies-snyk-owasp/83467106 LiranTal1@slideshare.net(LiranTal1) Node.js Security - XSS, Vulnerable Dependencies, Snyk, OWASP LiranTal1 Liran is leading the core team for the MEAN.js JavaScript framework. He recently published Essential Node.js Security. Passionate about Open Source since an early age, he is continuously contributing to many projects on GitHub around Node.js, JavaScript, Docker, and Security. Being an avid supporter and contributor to the open source movement, in 2007 Liran has redefined network RADIUS management by establishing daloRADIUS, a world-recognized and industry-leading open source project (http://www.daloradius.com). <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/node-171206075402-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Liran is leading the core team for the MEAN.js JavaScript framework. He recently published Essential Node.js Security. Passionate about Open Source since an early age, he is continuously contributing to many projects on GitHub around Node.js, JavaScript, Docker, and Security. Being an avid supporter and contributor to the open source movement, in 2007 Liran has redefined network RADIUS management by establishing daloRADIUS, a world-recognized and industry-leading open source project (http://www.daloradius.com).
Node.js Security - XSS, Vulnerable Dependencies, Snyk, OWASP from Liran Tal
]]> 813 1 https://cdn.slidesharecdn.com/ss_thumbnails/node-171206075402-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Cluj JSHeroes 2017 - Liran Tal on Node.js Security /slideshow/cluj-jsheroes-2017-liran-tal-on-nodejs-security/76797014 node-170609114232
Security is often an overlooked topic for JavaScript developers whether on the frontend or backend stack. In this session we will review essential security topics such as NoSQL Injections, ReDOS Attacks, Insecure dependencies and employing the use of HTTP Headers for enhanced security.]]>
Security is often an overlooked topic for JavaScript developers whether on the frontend or backend stack. In this session we will review essential security topics such as NoSQL Injections, ReDOS Attacks, Insecure dependencies and employing the use of HTTP Headers for enhanced security.]]> Fri, 09 Jun 2017 11:42:32 GMT /slideshow/cluj-jsheroes-2017-liran-tal-on-nodejs-security/76797014 LiranTal1@slideshare.net(LiranTal1) Cluj JSHeroes 2017 - Liran Tal on Node.js Security LiranTal1 Security is often an overlooked topic for JavaScript developers whether on the frontend or backend stack. In this session we will review essential security topics such as NoSQL Injections, ReDOS Attacks, Insecure dependencies and employing the use of HTTP Headers for enhanced security. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/node-170609114232-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Security is often an overlooked topic for JavaScript developers whether on the frontend or backend stack. In this session we will review essential security topics such as NoSQL Injections, ReDOS Attacks, Insecure dependencies and employing the use of HTTP Headers for enhanced security.
Cluj JSHeroes 2017 - Liran Tal on Node.js Security from Liran Tal
]]> 460 2 https://cdn.slidesharecdn.com/ss_thumbnails/node-170609114232-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 HPLN Web Performance Optimization - Liran tal /slideshow/hpln-web-performance-optimization-liran-tal/70015522 hplnwebperformanceoptimization-2014-shortpublic-161210160920
Liran Tal presenting at the HP Office in Cluj Romania - review of how we optimized HP Live Network's web marketplace performance in various layers of the server-side stack to achieve 10x performance improvement.]]>
Liran Tal presenting at the HP Office in Cluj Romania - review of how we optimized HP Live Network's web marketplace performance in various layers of the server-side stack to achieve 10x performance improvement.]]> Sat, 10 Dec 2016 16:09:19 GMT /slideshow/hpln-web-performance-optimization-liran-tal/70015522 LiranTal1@slideshare.net(LiranTal1) HPLN Web Performance Optimization - Liran tal LiranTal1 Liran Tal presenting at the HP Office in Cluj Romania - review of how we optimized HP Live Network's web marketplace performance in various layers of the server-side stack to achieve 10x performance improvement. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/hplnwebperformanceoptimization-2014-shortpublic-161210160920-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Liran Tal presenting at the HP Office in Cluj Romania - review of how we optimized HP Live Network&#39;s web marketplace performance in various layers of the server-side stack to achieve 10x performance improvement.
HPLN Web Performance Optimization - Liran tal from Liran Tal
]]> 91 2 https://cdn.slidesharecdn.com/ss_thumbnails/hplnwebperformanceoptimization-2014-shortpublic-161210160920-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Node.js Security Done Right - Tips and Tricks They Won't Teach You In School /slideshow/nodejs-security-done-right-tips-and-tricks-they-wont-teach-you-in-school/66202466 owaspappsecil-nodejssecurityv4-160920082637
NodeJS, and JavaScript at large are quickly taking over software whether it is GitHub’s statistics for projects growth, the IoT industry, ChatOps projects written in JavaScript and Enterprises adoption is growing as well. With this trend, it is imperative to review OWASP security practices and learn how to harden NodeJS Web Applications.​ ​ We will begin with a quick NodeJS intro and a few fail stories of how things can go wrong. ​ We will quickly dive into hands-on practical implementation of security measures to adopt in your current or future NodeJS project. Next I will show how to leverage widely adopted security tools for integration in the build and CI/CD process to audit and test for security vulnerabilities, as well as leveraging successful enterprise-level open source npm libraries to enhance your web application’s security.​ ​ In summary: in this session I will demonstrate:​ * Securing ExpressJS by adopting mature and commonly used npm libraries​ * Secure code guidelines for JavaScript software developers​ * Integrating NodeJS security measures as part of your build CI/CD DevOps process]]>
NodeJS, and JavaScript at large are quickly taking over software whether it is GitHub’s statistics for projects growth, the IoT industry, ChatOps projects written in JavaScript and Enterprises adoption is growing as well. With this trend, it is imperative to review OWASP security practices and learn how to harden NodeJS Web Applications.​ ​ We will begin with a quick NodeJS intro and a few fail stories of how things can go wrong. ​ We will quickly dive into hands-on practical implementation of security measures to adopt in your current or future NodeJS project. Next I will show how to leverage widely adopted security tools for integration in the build and CI/CD process to audit and test for security vulnerabilities, as well as leveraging successful enterprise-level open source npm libraries to enhance your web application’s security.​ ​ In summary: in this session I will demonstrate:​ * Securing ExpressJS by adopting mature and commonly used npm libraries​ * Secure code guidelines for JavaScript software developers​ * Integrating NodeJS security measures as part of your build CI/CD DevOps process]]> Tue, 20 Sep 2016 08:26:37 GMT /slideshow/nodejs-security-done-right-tips-and-tricks-they-wont-teach-you-in-school/66202466 LiranTal1@slideshare.net(LiranTal1) Node.js Security Done Right - Tips and Tricks They Won't Teach You In School LiranTal1 NodeJS, and JavaScript at large are quickly taking over software whether it is GitHub’s statistics for projects growth, the IoT industry, ChatOps projects written in JavaScript and Enterprises adoption is growing as well. With this trend, it is imperative to review OWASP security practices and learn how to harden NodeJS Web Applications.​ ​ We will begin with a quick NodeJS intro and a few fail stories of how things can go wrong. ​ We will quickly dive into hands-on practical implementation of security measures to adopt in your current or future NodeJS project. Next I will show how to leverage widely adopted security tools for integration in the build and CI/CD process to audit and test for security vulnerabilities, as well as leveraging successful enterprise-level open source npm libraries to enhance your web application’s security.​ ​ In summary: in this session I will demonstrate:​ * Securing ExpressJS by adopting mature and commonly used npm libraries​ * Secure code guidelines for JavaScript software developers​ * Integrating NodeJS security measures as part of your build CI/CD DevOps process <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/owaspappsecil-nodejssecurityv4-160920082637-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> NodeJS, and JavaScript at large are quickly taking over software whether it is GitHub’s statistics for projects growth, the IoT industry, ChatOps projects written in JavaScript and Enterprises adoption is growing as well. With this trend, it is imperative to review OWASP security practices and learn how to harden NodeJS Web Applications.​ ​ We will begin with a quick NodeJS intro and a few fail stories of how things can go wrong. ​ We will quickly dive into hands-on practical implementation of security measures to adopt in your current or future NodeJS project. Next I will show how to leverage widely adopted security tools for integration in the build and CI/CD process to audit and test for security vulnerabilities, as well as leveraging successful enterprise-level open source npm libraries to enhance your web application’s security.​ ​ In summary: in this session I will demonstrate:​ * Securing ExpressJS by adopting mature and commonly used npm libraries​ * Secure code guidelines for JavaScript software developers​ * Integrating NodeJS security measures as part of your build CI/CD DevOps process
Node.js Security Done Right - Tips and Tricks They Won't Teach You In School from Liran Tal
]]> 1019 2 https://cdn.slidesharecdn.com/ss_thumbnails/owaspappsecil-nodejssecurityv4-160920082637-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Open Source and the MEAN stack /slideshow/open-source-and-the-mean-stack/58776325 opensourceandthemeanstack-160226221346
On Open Source software, why and how you should do it. Introduction and review of the JavaScript full-stack MEAN technology: AngularJS, MongoDB, ExpressJS and NodeJS.]]>
On Open Source software, why and how you should do it. Introduction and review of the JavaScript full-stack MEAN technology: AngularJS, MongoDB, ExpressJS and NodeJS.]]> Fri, 26 Feb 2016 22:13:46 GMT /slideshow/open-source-and-the-mean-stack/58776325 LiranTal1@slideshare.net(LiranTal1) Open Source and the MEAN stack LiranTal1 On Open Source software, why and how you should do it. Introduction and review of the JavaScript full-stack MEAN technology: AngularJS, MongoDB, ExpressJS and NodeJS. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/opensourceandthemeanstack-160226221346-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> On Open Source software, why and how you should do it. Introduction and review of the JavaScript full-stack MEAN technology: AngularJS, MongoDB, ExpressJS and NodeJS.
Open Source and the MEAN stack from Liran Tal
]]> 494 5 https://cdn.slidesharecdn.com/ss_thumbnails/opensourceandthemeanstack-160226221346-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 HPLN Meet Git - Public /slideshow/hpln-meet-git-public/58528712 140917307-hpln-meet-git-public-2013-160221194810
Migrating from SVN to Git, I've prepared a deck for training my team on Git concepts. ]]>
Migrating from SVN to Git, I've prepared a deck for training my team on Git concepts. ]]> Sun, 21 Feb 2016 19:48:10 GMT /slideshow/hpln-meet-git-public/58528712 LiranTal1@slideshare.net(LiranTal1) HPLN Meet Git - Public LiranTal1 Migrating from SVN to Git, I've prepared a deck for training my team on Git concepts. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/140917307-hpln-meet-git-public-2013-160221194810-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Migrating from SVN to Git, I&#39;ve prepared a deck for training my team on Git concepts.
HPLN Meet Git - Public from Liran Tal
]]> 128 4 https://cdn.slidesharecdn.com/ss_thumbnails/140917307-hpln-meet-git-public-2013-160221194810-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 daloRADIUS - Cracking a hole in the HotSpot /slideshow/daloradius-cracking-a-hole-in-the-hotspot/58528617 212829875-daloradius-cracking-a-hole-in-the-hotspot-2014-160221194431
From black holes to wireless networking - Wireless ISPs and Hotspots, the RADIUS and How It Works. A journey through open source, from need to product.]]>
From black holes to wireless networking - Wireless ISPs and Hotspots, the RADIUS and How It Works. A journey through open source, from need to product.]]> Sun, 21 Feb 2016 19:44:31 GMT /slideshow/daloradius-cracking-a-hole-in-the-hotspot/58528617 LiranTal1@slideshare.net(LiranTal1) daloRADIUS - Cracking a hole in the HotSpot LiranTal1 From black holes to wireless networking - Wireless ISPs and Hotspots, the RADIUS and How It Works. A journey through open source, from need to product. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/212829875-daloradius-cracking-a-hole-in-the-hotspot-2014-160221194431-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> From black holes to wireless networking - Wireless ISPs and Hotspots, the RADIUS and How It Works. A journey through open source, from need to product.
daloRADIUS - Cracking a hole in the HotSpot from Liran Tal
]]> 161 4 https://cdn.slidesharecdn.com/ss_thumbnails/212829875-daloradius-cracking-a-hole-in-the-hotspot-2014-160221194431-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 DaloRADIUS 2014 - 7th Anniversary /slideshow/daloradius-2014-7th-anniversary/58528568 229669233-daloradius-2014-7th-anniversary-160221194148
daloRADIUS is an advanced RADIUS web platform aimed at managing Hotspots and general-purpose ISP deployments. It features rich user management, graphical reporting, accounting, and integrates with Google Maps for geo-locating (GIS). With daloRADIUS you can easily and quickly manage your FreeRADIUS deployment, thanks to flexible user interface and navigation flow.]]>
daloRADIUS is an advanced RADIUS web platform aimed at managing Hotspots and general-purpose ISP deployments. It features rich user management, graphical reporting, accounting, and integrates with Google Maps for geo-locating (GIS). With daloRADIUS you can easily and quickly manage your FreeRADIUS deployment, thanks to flexible user interface and navigation flow.]]> Sun, 21 Feb 2016 19:41:48 GMT /slideshow/daloradius-2014-7th-anniversary/58528568 LiranTal1@slideshare.net(LiranTal1) DaloRADIUS 2014 - 7th Anniversary LiranTal1 daloRADIUS is an advanced RADIUS web platform aimed at managing Hotspots and general-purpose ISP deployments. It features rich user management, graphical reporting, accounting, and integrates with Google Maps for geo-locating (GIS). With daloRADIUS you can easily and quickly manage your FreeRADIUS deployment, thanks to flexible user interface and navigation flow. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/229669233-daloradius-2014-7th-anniversary-160221194148-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> daloRADIUS is an advanced RADIUS web platform aimed at managing Hotspots and general-purpose ISP deployments. It features rich user management, graphical reporting, accounting, and integrates with Google Maps for geo-locating (GIS). With daloRADIUS you can easily and quickly manage your FreeRADIUS deployment, thanks to flexible user interface and navigation flow.
DaloRADIUS 2014 - 7th Anniversary from Liran Tal
]]> 148 4 https://cdn.slidesharecdn.com/ss_thumbnails/229669233-daloradius-2014-7th-anniversary-160221194148-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 https://cdn.slidesharecdn.com/profile-photo-LiranTal1-48x48.jpg?cb=1665574867 Liran is a top contributor to the open source MEAN.js, and MEAN.io full stack JavaScript frameworks, and nowadays leads the MEAN.JS project as part of the core team. At Hewlett Packard Enterprise, Liran is leading the R&D engineering team for HPE Software’s enterprise content marketplace, and collaboration platform, which employs a micro-services architecture based on Java, JavaScript, and the MEAN stack at-large. He loves mentoring and empowering team members, drive for better code methodology, and engage and promote open source projects. Avid supporter and contributor to the open source software movement, in 2007 Liran has redefined network RADIUS management with daloRADIUS. http://www.enginx.com/blog.xml https://cdn.slidesharecdn.com/ss_thumbnails/snykintro-developersecurityessentials2022v2-lirantal-221012114133-71109217-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/snyk-intro-developer-security-essentials-2022/253516875 Snyk Intro - Developer... https://cdn.slidesharecdn.com/ss_thumbnails/strangerdangershort30min-lirantal-2021-210316065053-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/stranger-danger-finding-vulnerabilities-before-they-find-you-liran-tal-2021/244484795 Stranger Danger - Find... https://cdn.slidesharecdn.com/ss_thumbnails/owaspworkshop-securingcontainersbybreakingin-lirantal-2019-200123133608-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/owasp-workshop-docker-image-security-best-practices-by-liran-tal-january-2020/223509724 OWASP Workshop: Docker...