Misconfiguration5:47 with Jared Smith
This vulnerability allows an attacker to accesses default accounts, unused pages, unpatched flaws, unprotected files and directories, etc. to gain unauthorized access to or knowledge of the system. Security misconfiguration can happen at any level of an application stack, including the platform, web server, application server, database, framework, and custom code.
OWASP Security Misconfiguration
Helmet: Express.js security with HTTP headers
npm-package-locks: An explanation of npm lockfiles
npm-shrinkwrap: Lock down dependency versions for publication
Body-parser - Node.js body parsing middleware: Limit middleware as part of the body-parser middleware.
You need to sign up for Treehouse in order to download course files.Sign up