NodeSource updates its commercially supported JavaScript platform runtime with vulnerability awareness and threshold monitoring NSolid, NodeSource’s enterprise-grade Node.js platform, is upgrading security and monitoring with version 1.3 this week. The runtime meets three specific needs of enterprise customers running the popular server-side JavaScript platform: runtime-integrated profiling, advanced monitoring capabilities at scale, and enhanced security controls and vulnerability awareness. First introduced last September, NSolid “includes functionality critical to the enterprise that’s not available in vanilla Node.js,” said Chip Ray, head of product management at NodeSource. Version 1.3 features package vulnerability awareness for application packages, including the NPM JavaScript modules popular with Node. Running code is examined, security vulnerabilities are identified and monitored, and users are provided a Security View to track remediation. The upgrade also provides information on which applications and processes are exposed to each vulnerability, offering continuous awareness for applications running in the system. “What we do is we look at the packages that are in your application, and we make it clear which applications and which processes have known vulnerabilities,” Ray said. Threshold monitoring in the upgrade offers CPU profiles and heap snapshots when there are performance problems, and data helps to identify root causes. Threshold-triggered profiling and snapshots record the applications when they are misbehaving, and the information provided can be analyzed in the NSolid console for triaging performance issues. NodeSource plans for NSolid to be suitable for deployment in the cloud or on-premise. Releases are actively supported for 18 months, followed by 12 months of maintenance, the company said. JavaScriptSoftware DevelopmentSecurity