Web users today demand richer, more interactive applications on the web. We all want to make your users happy, and that means a lot of Javascript!  However, modern Javascript frameworks are complex, scary, and often hard to maintain.

In this age of "minimum viable products" and "lean startups", is there room for security? Large, established companies often come with large, established security programs... but most of us don't work for one of those large companies. If you're at a startup or small business unit, chances are you're lucky if there's a single dedicated security engineer, let alone a whole group or program. So how do we bridge that gap? Well, good news: it's easy to whip your organization into shape! This talk covers five simple steps to create a security program.

Everyone codes with JavaScript on the client side. Node.js developers also use it on the server side, eliminating the cognitive overhead of switching languages. While Node is a popular choice for enterprise middleware, it's also a fine choice for building complete web applications and CMS sites.

You've probably seen "Hello World" in Node.js already. In this talk, we'll examine real-world Node.js applications that are both nontrivial and well within your reach as an individual developer.