fearless application security for nodejs developers
Spartan is a node application which provides nodejs developers with clear, easy to understand & ingest end-to-end security policies, modules and middleware tailored specifically to work with the application, not around it.
What You Get
command line application
The primary means to interact with _spartan is via the command line application. It serves as the first step in describing your application's security posture and is the mechanism to tune your security policies as your application changes.
security.json is the core artifact from _spartan. After you answer a few questions about your app, _spartan will generate this JSON file reflecting the security policy of your application.
security.js refers to the collection of submodules that are generated and configured from the interpreted policy. These modules are referenceable throughout your application like any other module you would include in your code.
_spartan goes where node goes
Embedded & IoT
_spartan's Concept of Operations
Spartan is organized around an outside-in, layered approach to defense. To do that, _spartan provides thirteen modules for end-to-end security coverage:
Cross Origin Resource Sharing
Data Storage & Classification
Client-side Security Headers
User Input Validation
Tailored to your application
Spartan covers the security risks which are applicable to your application, and when your app changes, _spartan changes with it.
Speed to Production
_spartan provides plug-and-play coverage for the security risks applicable to your app, so you can push your [secure] app to production even faster.
Part of your app's DNA
By being embedded into your actual codebase, _spartan works with your application, not around it.
You can get started with _spartan in just a couple of steps.
First, open a command prompt and type this:
npm install -g spartan-shield
Now, in your project directory, type this to generate a default policy and code
Finally, require the generated code in your project like this
let security = require('security')
Congrats! Now you have access to the modules needed to secure your project!
Be sure to check out the _spartan user guide & documentation
Here to Help
Have questions about _spartan implementation and want to talk to a real person? We can do that!
Join other spartan users in the invite-only spartan-users-group Slack channel and get your questions answered, learn about best practices and find out about new features.
Spartan Setup & Orientation Consult
30-minute Skype call where we install & configure _spartan along with a brief orientation of the code. Optional: set up a restricted security branch on GitHub.
Spartan Setup & Integration Consult
90-minute VSCode LiveShare & Skype call which includes setup, configuration, orientation and code integration consultation. Optional: create a restricted security branch for your project in GitHub.
The Full Effect
One-day (8 hours) on-site*. Includes secure design review, _spartan setup, configuration and boilerplate code integration consultation.
*Price does not include travel, hotel, meals or expenses. Contact for a statement of work which includes these values.