@LiftSecurity profile picture
^lift security @LiftSecurity

^Lift Security provided Security Assessments, Penetration Testing, and Consulting to help teams build secure web applications. Acquired by @npmjs.

Joined June 2012
  • Tweets 349
  • Following 13
  • Followers 628
17 Photos and videos
Pinned Tweet
^lift security@LiftSecurity
10 Apr 2018
^Lift Security has been acquired by @npmjs. buff.ly/2GL0GYi
2
10
18
We’re now a part of @npmjs to secure the world’s largest software registry and help companies develop JavaScript securely. buff.ly/2qleEFk
3
We’ve joined @npmjs! buff.ly/2GL0GYi
We’ve been acquired by @npmjs, home of the world’s largest software registry. We’re excited to create a new set of security tools and products. Learn more: buff.ly/2GL0GYi
3
4
^lift security retweeted
npm@npmjs
10 Apr 2018
npm, inc. has acquired ^lift security and the node security platform: buff.ly/2ExAw5a
9
137
333
^lift security retweeted
Mark R. Hinkle
@mrhinkle
4 Oct 2017
🎉Welcome to the @nodejs Foundation @bitnami, @chef, @Hacker0x01, @keymetrics_io, @LiftSecurity, @ProfoundLogic & @SafetyCultureHQ!
5
19
^lift security retweeted
Node.js
@nodejs
4 Oct 2017
🎉Welcome to the @nodejs Foundation @bitnami, @chef, @Hacker0x01, @keymetrics_io, @LiftSecurity, @ProfoundLogic & @SafetyCultureHQ!
18
38
Proud to announce that we’re now a member of the @nodejs foundation. linuxfoundation.org/uncatego… #nodesecurity
4
^lift security retweeted
npm@npmjs
26 Sep 2017
.@adam_baldwin shares some best practices for controlling what you publish to the npm registry: buff.ly/2fPs3Rv

1
13
19
Finding and fixing a Regular Expression Denial of Service vulnerability in #hapijs by @quitlahok medium.com/node-security/fin…

Finding and fixing ReDoS in the hapi framework

Recently a Regular Expression Denial of Service issue was reported on the content repository, a part of the hapi framework. The issue has…

medium.com
^lift security retweeted
Brian Clark@_clarkio
19 Sep 2017
Make sure to check your @nodejs dependencies are safe with @nodesecurity's OSS tools. I highly recommend using nsp: nodesecurity.io/opensource
34
56
We can confirm this is most certainly a feature that you really really want. x.com/ceejbot/status/9008188…

Ceej "oh well" Silverio@ceejbot
24 Aug 2017
Current status: considering a bug from @LiftSecurity ’s review of the feature you all want a lot really no really you want it.
1
3
Bypassing npm / yarn ignore-scripts to run arbitrary commands using the recent git ssh:// flaw by @adam_baldwin medium.com/lift-security/byp…

Bypassing npm / yarn ignore-scripts with Command Injection in package.json

Before you read this post please run git --version and if it’s not 2.14.1 or greater then please go upgrade it.

medium.com
2
2
^lift security retweeted
Node.js Security@nodesecurity
26 Jul 2017
If you're at #NodeSummit make sure to catch @adam_baldwin's talk on Hunting Malicious node modules in npm at 4:10
3
9
^lift security retweeted
Node Summit@NodeSummit
14 Jul 2017
Node Talk #16 "HUNTING FOR MALICIOUS MODULES IN NPM" @adam_baldwin@LiftSecurity Register at nodesummit.com #nodejs
2
1
Last one! We're grateful for all of the amazing clients we've got to work with. Without you we wouldn't be here! <3 liftsecurity.io/happy-birthd…
2
#9 - We've published 312 public node.js module advisories - many more private ones in the works. :) liftsecurity.io/happy-birthd…

1
1
#8 - nodesecurity.io diligently monitors 3,542 source code repositories every day liftsecurity.io/happy-birthd…

1
#7 - The nodesecurity.io nsp client has been downloaded 3.2 million times. liftsecurity.io/happy-birthd…

1
Team ^Lifter @adam_baldwin will be presenting Hunting for Malicious Modules in npm at #NodeSummit Get 25% off reg: buff.ly/2sFNxUw
Load more