Protecting my Node.js project of dependency confusion attacks

Having a private registry as part of a stack is getting a popular trend due to the benefits that it brings to your organization.

Wednesday, April 21, 2021, 12:00 AM - 9:00 PM (UTC+02:00)
Created by: verdaccio

About


Having a private registry as part of a stack is getting a popular trend due to the benefits that it brings to your organization. But a misconfigured registry can open the door to malicious individuals. This talk is about how to secure a Node.js project from dependency confusions and other possible attacks using a Verdaccio registry as proof of concept.

Node.js Dependency Confusion Attacks & Vulnerabilities in Go Binaries | Meetup

Our team

Juan Carlos P...

Admin
I just love this project :)

Daniel Ruf

Core Contributor

Budget


Transparent and open finances.

$
Today’s balance

--.-- USD

Total raised

--.-- USD

Total disbursed

--.-- USD

Estimated annual budget

--.-- USD