fearless application security for nodejs developers
About Spartan
Spartan is a node application which provides nodejs developers with clear, easy to understand & ingest end-to-end security policies, modules and middleware tailored specifically to work with the application, not around it.
What You Get
command line application
The primary means to interact with _spartan is via the command line application. It serves as the first step in describing your application's security posture and is the mechanism to tune your security policies as your application changes.
security policy
security.json is the core artifact from _spartan. After you answer a few questions about your app, _spartan will generate this JSON file reflecting the security policy of your application.
boilerplate code
security.js refers to the collection of submodules that are generated and configured from the interpreted policy. These modules are referencable throughout your application like any other module you would include in your code.
_spartan goes where node goes
Web
Desktop
Mobile
Embedded & IoT
APIs
_spartan's Concept of Operations
Spartan is organized around an outside-in, layered approach to defense. To do that, _spartan provides thirteen modules to provide end-to-end security coverage
API Management
Application Dependencies
Access Controls
Session Management
Cross Origin Resource Sharing
Secure Caching
Secure Connections
Data Storage & Classification
Secure Forms
Client-side Security Headers
Secrets Management
Logging
User Input Validation
Why Spartan?
Tailored to your application
Spartan covers the security risks which are applicable to your application and when your app changes, _spartan changes with it.
Speed to Production
_spartan provides plug-and-play coverage for the security risks applicable to your app, so you can push your [secure] app to production even faster
Part of your app's DNA
By being embedded into your actual codebase, _spartan works with your application, not around it
Installing Spartan
Try it!
You can get started with _spartan in just a couple of steps
First, open a command prompt and type this:
npm install -g spartan-shield
Now, in your project directory, type this to generate a default policy and code
_spartan -D
Finally, require the generated code in your project like this
let security = require('security')
Congrats! Now you have access to the modules needed to secure your project!
Learn More!
Be sure to check out the _spartan user guide & documentation
Here to Help
Have questions about_spartan implementation and want to talk to a real person? We can do that!
Ask a Question
Slack
$0.00USD
Join other spartan users in the invite-only spartan-users-group slack channel and get your questions answered, learn about best practices and find out about new features
Join Us on Slack!
Spartan Setup & Orientation Consult
Skype
$99USD
30-minute Skype call where we install & configure _spartan along with a brief orientation of the code. Optional: set up restricted security branch on github
Spartan Setup & Integration Consult
VSCode Skype
$299USD
90-minute VSCode LiveShare & Skype call which includes setup, configuration, orientation and code integration consultation. Optional: create a restricted security branch for your project in github
The Full Effect
On-Site
$2499USD
One-day (8 hours) on-site* Includes secure design review, _spartan set up, configuration and boilerplate code integration consultation.
*price does not include travel, hotel, meals or expenses. Contact for a statement of work which includes these values
VSCode Skype