Insecure Components4:41 with Jared Smith
Components, such as libraries, frameworks, and other software modules, almost always run with full privileges. If a vulnerable component is exploited, such an attack can facilitate serious data loss or server takeover. Applications using components with known vulnerabilities may undermine application defenses and enable a range of possible attacks and impacts.
Snyk.io - Snyk helps you use open source and stay secure by continuously finding and fixing vulnerabilities in your dependencies.
NPM-check - Check for outdated, incorrect, and unused dependencies.
- Bithound.io (like Snyk) - Comprehensive code and dependency analysis for Node.js
You need to sign up for Treehouse in order to download course files.Sign up