Node.js’ single-threaded nature makes it very susceptible to DOS attacks. While Node.js’ event loop allows performing some operations in an asynchronous fashion, it’s still quite easy to write a vulnerable Node.js application by making a few simple mistakes. In this talk I’ll cover some common ways a Node.js application may be vulnerable to DoS attacks and some common best-practices and counter measures to defend against such attacks.