2021
- Speakeasy JS - Attacking Open Source using Abandoned Resources
2020
- OpenJS World - Fireside Chat on JavaScript Security
- Node.js Global Summit - JavaScript Supply Chain Security
2019
- LocoMocoSec, JavaScript Supply Chain Security
- Container Security Summit - JavaScript Supply Chain Security
- Absolute AppSec - EP #65
- Real Talk JavaScript - Secure JavaScript
2018
- BrazilJS - Becoming a Security Minded Developer
- Node Summit - Security Panel
- Thunderplains - The Developer Trail: Adventures shipping secure software
- Brakeing Down Security Podcast
- JavaScript Jabber - Node Security
- JS Party - The state of Node security
2017
- Node Summit - Hunting for malicious modules in npm
- NodeConf AR - Continuous Security
- The Manifest - Typosquatting
- Exploring Information Security podcast - What is the Node Security Platform
2016
- Node Summit - Security Panel
- EmpireJS - Continuous Security
- Thunderplains - Continuous Security
2015
- Nodevember - Node Security Experiements
- CascadiaFest - The art of identifying vulnerabilities
- SINFO - Breaking into Security
- Node Summit - Security Panel
- OpoJS - OWASP Top 10 / requireSafe
2014
- JSFest - A Security Carol
- NodeDay at PayPal - Node Security in the Enterprise
- ThunderPlains - Node Security Live
2013
- LXJS - Introducing the Node Security Project
- JSConf EU - Security First
- JSConf US - Builders vs Breakers
- NodePDX - Introducing nodesecurity.io
- JavaScript Jabber - The Node Security Project
2012
- DEFCON 20 - Blind XSS
- RedisConf - EvilSHA - Cracking SHA hashes using publicly available Redis instances
2011
- DEFCON 19 - Pillaging DVCS Repos for fun and profit
- Toorcon 13 - Pillaging DVCS Repos for fun and profit
- JSConf US - Writing an (in)secure webapp
- Keeping it Realtime - Old problems, new tools
2010
- Djangocon - Pony Pwning
2009
- Toorcamp - Introduction to w3af