Most Active Speaker

Marco Ippolito

Marco Ippolito

Senior Security Engineer @HeroDevs | Node.js Releaser & Technical Steering Committee

Milan, Italy


Marco is a Senior Security Engineer at HeroDevs. Active contributor and releaser to the Node.js project.
Marco is an renowed international speaker and Microsoft MVP.


  • Most Active Speaker 2023

Area of Expertise

  • Information & Communications Technology


  • JavaScript
  • JavaScript & TypeScript
  • NodeJS
  • Webdevelopment
  • TypeScript
  • Node
  • Web API
  • Web Apps
  • Web Frontend
  • Web Development
  • Web
  • Node.js
  • IT Security
  • api security
  • Information Security
  • GraphQL
  • api
  • API Testing
  • Security
  • Cryptography
  • Apollo GraphQL
  • API Documentation
  • Cloud App Security
  • Cyber Security basics
  • Technology
  • Developer Experience
  • Software Development
  • DevOps
  • Google
  • Architecture
  • Google Developer Experts
  • Microsoft Technologies
  • Fintech
  • Agile software development
  • Modern Software Development
  • ● Firebase ● Android ● Android Things / IOT ● Progressive Web App ● Machine learning and AI ● Robotics and Drone Technologies ● Tensorlow
  • Modern Web and UX
  • Modern Web
  • Web Applications
  • Web APIs

Advanced JavaScript code search: Abstract Syntax Tree analysis

Searching for specific pieces of code in large JavaScript files can be a daunting task, especially when dealing with complex projects, as developers, we’ve all experienced the frustration of sifting through hundreds or even thousands of lines of code, trying to locate that elusive function or variable.
We’ll learn how to build a powerful code search tool using JavaScript Abstract Syntax Tree and a full text search engine.

Developers in Danger: How supply chain attacks target devs, not production

Supply chain attacks, once primarily aimed at production environments, have evolved to exploit vulnerabilities within development environments. Developers face a growing threat, leading Node.js to introduce the Permission Model.

Writing a full-text search engine in TypeScript

Have you ever wondered how full-text search engines such as ElasticSearch or Algolia works? Let's find out!
In this talk, we will build a RESTful full-text search engine from scratch, understanding how to choose the right algorithms and data structures for accomplishing such a task.
You will see how to maintain incredibly high performances while working with a massive amount of data and understand why it is so important to choose the right algorithm or data structure for accomplishing such tasks

Your First Node.js Contribution

Have you ever wanted to contribute to a foundational open source project like Node.js? Maybe you don’t know where to start. Maybe you always assumed that was work reserved for “someone else.” Join experienced contributors who will guide you through your first (or second or third or fourth) commit to the Node.js core. They will be available to help troubleshoot any development environment issues and also to provide guided tours through specific areas of the Node.js core source code. Contributors of all skill levels and experiences are welcome (not every contribution has to be a code change). Come and make your first Node.js core contribution!

OWASP Top Ten Security Vulnerabilities in Node.js

You will learn about the most common security vulnerabilities in node.js and see how you can fix them with real life code examples. I'm going to bring my experience as Node.js core collaborator and member of the security working group, and we will go through some of the vulnerabilities that have been fixed in the past. The goal of this session is to spread security best practices and spread awareness about some of the most common security vulnerabilities such as ssrf, csrf, injections, malicious json etc

Discover Node.js Test Runner

In this talk, we will explore the Node.js Test Runner, addressing the curious absence of a native testing framework in the JavaScript language. We will uncover the reasons that led Node.js, after 14 years since its inception, to develop a native test runner, despite the presence of several available libraries.

We will analyze the history of the Test Runner, identifying the problems it solves and the motivations that drove its creation. We will highlight the key differences between the test runner, testing framework, and assertion library, for a comprehensive understanding of their roles in the testing process.

We will delve into the features of the Node.js Test Runner, exploring its versatility in integrating with various test frameworks and the crucial role it plays in test automation and software efficiency.

Finite State Machines Made Easy

Let's dive into the fascinating world of the state machines —a powerful paradigm in software development that brings order and clarity to complex application logic.
At its core, the state machine pattern represents a systematic way of modeling an entity's behavior by defining a finite set of states, transitions between these states, and actions triggered by those transitions.
This concept enhances code readability but also simplifies the management of intricate workflows.
In this talk, we'll showcase Fiume, a cutting-edge state machine library written in Typescript

BSides RDU 2023 Sessionize Event

September 2023 Raleigh, North Carolina, United States

Marco Ippolito

Senior Security Engineer @HeroDevs | Node.js Releaser & Technical Steering Committee

Milan, Italy


Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top