• Online, Self-Paced
Course Description

In this defending Node.js lab the learner will fix a vulnerability that discloses sensitive information in error messages. The lab features an authentication page that discloses whether a specific username is valid or not when invalid authentication credentials are provided, thus allowing valid username enumeration.

Learning Objectives

On successful completion of this lab, learners will demonstrate their ability to:

  • Prevent disclosing sensitive information in error messages within Node.js applications

Framework Connections

Specialty Areas

  • Risk Management
  • Software Development