Secure Programming with Node.js

Let me start with a recommendation: before starting with Node.js, make certain that developers know everything there is to know about Cross-Site-Scripting (XSS) and how to defend against XSS exploits. If they don’t, remember that with Node.js a XSS issue will result in* malicious code running on your server* »

Mapping the Skies, OWASP ASVS against Testing Guide (part one)

Unfortunately there are too many standards to choose from in the security world. If one needs to be compliant with multiple standards you better know where they overlap, what is not included, where they contradict each other, or where the level of detail is completely different. Until every vendor agrees that one »