Node Security Project's Adam Baldwin

Modulus interviews Adam Baldwin from the Node Security Project and &yet.

Sometimes we get lucky enough to interview someone who is moving the community forward. We had the pleasure of asking Adam Baldwin a few questions. He’s an interesting guy who is trying to make the community better and safer. Adam has his hands in a lot of projects and is passionate about all of the things he does.

Who are you?

Oh hi. I'm Adam Baldwin. Not like that actor fellow, I'm the CSO at &yet, where we make web software for human people. Things like And Bang and Talky.

I'm also the Team Lead at ^lift security, where we get to break all the web software. No seriously, we have the pleasure of helping make the awesome things developers build, more secure! It's an amazing job where we turn breaking things into building better things.

I also founded and organize the Node Security Project.

What’s your background?

I got my first tech job when I was 15, building and fixing computer systems. From that experience I learned some of the basics of hacking and reverse engineering. I was fortunate to have a mentor who helped me to channel my curiosity into the appropriate outlet. My mentor has since passed away, however I'm forever grateful for having had that mentorship and opportunity, and I do everything I can to give passionate people who are in that curious position those opportunities, like I was.

I haven't looked back since that first job in tech. I've done support, systems and network administration. I've also done development, consulting and penetration testing professionally.

How did you discover node.js and what got you so passionate about it?

I discovered node when &yet started using node to build realtime software projects for their clients. Out of necessity I had to understand how things worked in node.js land, what the threats were and how we could build quality, secure software for &yet's clients. I've grown to love node.js because of the community. Sure, there are rough edges to any community but I love that node developers embrace feedback on security and genuinely care about building quality software.

What is the node security project?

The Node Security Project is an effort to change the way we approach security within the node community. We realized that we couldn't do things the same ways as other communities and expect different results so we are trying something different — a focused effort to evangelize security principles, audit modules created by the community, and publish the results.

It's still a young project. We are building tools and can always use help. Contribute over at https://github.com/nodesecurity/, or if you're not sure where to start just drop us an email at contact@liftsecurity.io and we will help you out.

How did you get involved with it?

I started it as a crazy idea to find and research bugs within the node community. Then I realized the educational power of the project to teach developers about security issues by assisting with the project and to give security "researchers" an outlet to report bugs and have them hopefully managed in a responsible way.

What do you do for fun?

I love trying to find bugs in software, but that's the obvious answer, ha.

I spend a lot of time with my wife and son and I'm spawning another process in a couple of weeks. On the weird hobby side of things I have a flock of 12 chickens and a soldier grub colony. I enjoy hardware hacking in all forms when I get the time.

What do you want everyone to know about you?

Umm. You can find me on Twitter at @adam_baldwin, @liftsecurity and @nodesecurity; say hi. I can't not sing along to Warren G's "Regulate" when I hear it. (comment courtesy of my coworkers that peer reviewed this document)
