Hi, I'm Liran 👋
Software Engineer · Web Security Activist · Open Source Software Champion
A GitHub Star, world-wide recognized for championing open source software and actively working within communities to inspire and lift other humans. A JavaScript & Node.js software developer, building web applications and command-line tools. A web security activist , engaging in security research, software supply chain security, and regular contributor and project lead to OWASP Foundation projects. An avid member of the Node.js Foundation ecosystem security working group, dedicated to advancing Node.js security awareness and skillset in the open source community. Developer Advocate at Snyk.
Web Security Activism
- Member of Node.js Foundation's Ecosystem Security working group
- OWASP Project Member of NodeGoat
- OWASP Project Lead for CWE Tool and CWE SDK
- Author of npm Security Cheat Sheet
- Author of Node.js Docker Security Cheat Sheet
Latest blog posts
- 2022-03-16 / peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine
⚠️ - 2022-03-14 / Build a software bill of materials (SBOM) for open source supply chain security
- 2022-03-08 / Celebrating amazing open source innovation from Ukraine
🇺🇦 - 2022-02-09 / Join “The Big Fix” to secure your projects with Snyk and earn cool swag
- 2022-01-09 / Open source maintainer pulls the plug on npm packages colors and faker, now what?
- 2021-12-13 / The Log4j vulnerability and its impact on software supply chain security
- 2021-11-11 / Best practices for containerizing Python applications with Docker
- 2021-11-09 / How to effectively detect and mitigate Trojan Source attacks in JavaScript codebases with ESLint
Published Author
Essential Node.js Security Liran Tal |
Web Security: Learning HTTP Security Headers Liran Tal |
O'Reilly Serverless Security Guy Podjarny, Liran Tal |
Snyk's State of Open Source Security 2019 Liran Tal |