Node Security and Performance Training

One day hands on training about Node.js Security and Performance brought to you in cooperation by YLD! and ^Lift Security. Delivered by Matthew Lowe and Pedro Teixeira, with a little help from David Dias and Adam Baldwin.


In this training, you will have the opportunity to learn about:


  • Defining and measuring the performance of a Node app
  • Techniques for monitoring
  • Understanding the Event Loop
  • Measuring Event Loop Lag
  • Understanding what the CPU is doing using Dtrace and V8 profiling
  • How Garbage Collection works and impact on performance
  • How to use tools like Heap-dump and MDB to analyze V8 memory
  • Fixing I/O-bound processes
  • Fixing CPU-bound processes
  • Fixing memory-bound processes
  • Techniques to improve performance of hot code paths


  • Approaches for building securely with both Hapi and Express
  • Authentication, Authorization and Session Management
  • Handling Sensitive Data
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • SQL Injection / Command Injection
  • Directory Traversal
  • Mass Assignment
  • Security Headers
  • Security Misconfiguration
  • Using the Node Security Project to identify known vulnerabilities


  • 09:00H - Welcoming and face to face meeting, get your computer set up
  • 09:10H - Training Starts
  • 12:30H - Lunch
  • 18:00H - Training Ends

*Try to be at the venue 10 minutes early

Ticket Includes

  • Full day of Training
  • Coffee and Tea Service
  • Lunch

Seats are limited


  • Ended
  • Registration is not currently available.

By the power of Tito

Get Notified When Tickets Go On Sale