Starting from September, RisingStack's instructors will be traveling Europe to hold trainings on Node.js Fundamentals, Microservices and Security.

Read the agenda for the Node.js Security training below.

This course is for you, if

  • you use Node.js in your organization,
  • you want to understand security in Node.js better,
  • you want to migrate to Node.js,
  • you want hands-on experience in secure servers with Node.js.

This Node.js Training was available in

Vienna, Barcelona, Berlin, London, Dublin, Zurich, Paris, Lisbon & Amsterdam.

In case you have any questions regarding this training, or you’d like to invite our team to hold a training exclusively for your company, please reach out to csaba.balogh@risingstack.com.

Agenda

These are 2-day-long trainings. (Start: 10:00AM; Finish: 5:00PM.)

Day One:

1. Injection

Injection attacks are among the most common attack vectors - they include SQL Injections, Cross Site Scripting (XSS) or trusted third-party sites. In this section, you will learn what these attacks are, and how you can defend your applications against them.

2. Authentication

Learn how you can properly authenticate users, how to handle cookies, how to store passwords and sessions.

3. Cross Site Request Forgery

In this section, we will go through what CSRF is, and how attackers might try to exploit it. You will learn how to defend your applications against it.

4. Insecure Dependencies

npm has hundreds of thousands of modules. Sometimes, with an ecosystem this big, security vulnerabilities will be introduced to certain modules. You will learn how you can monitor your dependencies.

Day Two:

5. Default Configurations

Default configurations are sometimes not security-minded. They focus on the ease of use, therefore often leaving doors open for attackers. We will take a look at how you can secure your deployments with better configurations.

6. Logging

It is crucial to have a detailed audit log of what happens in your systems. With its help, you can investigate issues. However, logging has its own dangers as well, so you need to learn how to be security-minded when developing Node applications.

7. The Human Factor

95% of security problems are the result of some human error, like sending passwords in emails or using the same user for multiple actual users. In this part, we will go through some actionable items to make your company more secure.

Prerequisites

You will get a lot more out of this course if:

  • You have a basic understanding of Node.js.
  • You have or want to build an app using Express or Koa.

About the instructor

Gergely Nemeth

Gergely is one of the founders of RisingStack, and a long-time Node.js user. He is very keen on security, so he will hold most of the Securing Web Applications classes.

Gergely wrote a number of articles on Node.js security and spoke at conferences:

You can find Gergely on Twitter under @nthgergo.