Home Security & Privacy Node.js Security

Node.js Security Cheat Sheet

Dependencies, CSP, and environment hardening

Last Updated: November 21, 2025

Dependency Hygiene

Check Action
npm audit Fail on high CVEs
npm outdated Update libs
lockfile Commit with CI

Commands

helmet()
Set secure headers
dotenv-safe
Enforce env keys
npm audit fix
Auto-fix vulnerabilities

Monitoring

Log suspicious input, enforce CSP, and keep dependencies trimmed.

Related Cheat Sheets

Vault Secrets Engines

Enable engines, generate dynamic credentials, and renew leases

Incident Response

Declare incidents, contain, communicate, and learn

Passwordless Authentication

Deploy magic links, WebAuthn passkeys, and OTP flows

AWS IAM Policies

Design IAM policies and test with the simulator

💡 Pro Tip: Use npm audit during CI, rotate secrets, and shield headers.

Related Cheat Sheets

Browse all Security & Privacy →

← Back to Security & Privacy | Browse all categories | View all cheat sheets