Submit to your local DSC chapter CFPSubmit now!

DSC Germany

The tale of avoiding a time-based DDOS attack in Node.js

with Paolo Insogna


Web applications are commonly vulnerable to several Distributed Denial of Service attacks, sometimes in unexpected ways. An example is the SlowLoris attack, an exploit that leads to service interruption by simply sending the data to the server as slowest as possible. In this talk Paolo tells the tale of how it took almost 13 years for Node to be completely protected by SlowLoris attack. He also demonstrates that sometimes prioritizing performance can lead to incorrect fixes that can result in a false sense of protection.


🗣️ Join the DevSecOps Community on our Discord channel to discuss this talk with other security-focused practitioners!


Paolo Insogna

Senior DX Engineer at NearFrom

About Paolo Insogna

Node.js Core Member, Senior DX Engineer, Full-Stack Expert and Polyglot Developer. RPG and LARP addicted and nerd on lot more. From Campobasso, Italy.

We use cookies to ensure you get the best experience on our website.Read Privacy Policy