By Paul Krill | InfoWorld Posted on June 20, 2014
With Node.js having become a critical cog at places such as PayPal and Wal-Mart, developers need to be mindful of securing their Node.js applications, technologists are advising.
The server-side JavaScript platform is now being used to protect things like financial transactions and other enterprise client data, said Adam Baldwin, chief security offer at Web software marketer ^Lift Security. Node.js shares security issues with its client-side brother, JavaScript, as well with other platforms, Baldwin said. "The core of Node is JavaScript so Node inherits any concerns there might be with JavaScript. However the execution context of V8, the JavaScript engine Node uses, is entirely different than a browser because it executes on the server. That difference adds some unique surface area [for attacks]."
InforWorld/ full read here/ http://www.infoworld.com/t/javascript/nodejs-the-latest-security-risk-developers-244713
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.