• Online, Self-Paced
Course Description

In this defending Node.js lab the learner will fix a vulnerability that discloses sensitive information in error messages. The lab features an authentication page that discloses whether a specific username is valid or not when invalid authentication credentials are provided, thus allowing valid username enumeration.

Learning Objectives


On successful completion of this lab, learners will demonstrate their ability to:


  • Prevent disclosing sensitive information in error messages within Node.js applications


Framework Connections

Specialty Areas

  • Risk Management
  • Software Development