Dev

Node.js just got an enterprise-grade security shot in the arm (exclusive)

Image Credit: Shutterstock

As with all young technology projects, Node has experienced its fair share of FUD on its way to the enterprise, and some of that FUD has been around security.

To help ease the FUD and make Node more secure and hacker-proof, The Node Firm, a consultancy/brain trust for Node.js, has just added to its merry band the mind behind The Node Security Project and ^Lift Security Lead, one Mr. Adam Baldwin.

“Node is at the heart of several multinational companies’ technology roadmaps,” said Node Firm managing partner Dan Shaw in an email interview with VentureBeat.

“A year or two ago, teams would ask if they should use Node to build their product because it was fun. Now node.js has become the sensible default. … An impressive percentage of the Fortune 100 companies are using Node.”

And consultancies and experts such as the ones at The Node Firm are a huge part of that transition from open-source happy-fun-time-ball-pit project to enterprise-grade technology that’s reliable, stable, and secure.

“So far, for a relatively young platform, Node has had a remarkably solid track record,” Shaw said.

“I’m not aware of any platform that has made security a priority so early on as Node has. The biggest issue that we have in front of us is keeping applications secure. Node provides fairly raw building blocks to build network application. Since it is so low-level, most of the issues that can be introduced are up to the implementor.”

Baldwin has advised the likes of GitHub, AT&T, and 37signals on security, showing that he’s got credibility and respect from the developer community — a not-too-common trait among security professionals, and one that’s necessary when working with the still-young Node.

“Having worked in security, I’m aware of the culture conflict that frequently exists between security professionals and developers,” said Baldwin.

Shameless plug: If developer-first security is something you find intriguing, have we got a conference for you. Check out DevBeat, our very first developer conference coming up this fall. Tickets are discounted now, so buy yours early and tell your code-writing friends.


Mobile developer or publisher? VentureBeat is studying mobile marketing automation. Fill out our 5-minute survey, and we'll share the data with you.
0 comments