You thought you figured out how to build your Node.js web applications with Docker? Chances are, you're probably missing out on a lot! Many articles on this topic have been written, yet sadly, without thoughtful consideration of security and production best practices for building Node.js Docker images.
In this session, we are going to hack a live running Node.js Docker container, only due to vulnerabilities in the container image and see how severe the issue is. We will also run through step-by-step production-grade guidelines for building optimized and secure Node.js Docker images by understanding the pitfalls and insecurities with every Dockerfile directive, and then fixing it. Join and master the Node.js best practices for Docker-based applications.
Liran Tal is a software developer, and a GitHub Star, world-recognized for his activism in open source communities and advancing web and Node.js security. He engages in security research through his work in the OpenJS Foundation and the Node.js ecosystem security working group, and further promotes open source supply chain security as an OWASP project lead. Liran is also a published author of Essential Node.js Security and O'Reilly's Serverless Security. At Snyk, he is leading the developer advocacy team and on a mission to empower developers with better dev-first security.