Node.js is popular and makes a great platform for developing web applications. The OWASP NodeGoat project provides an environment to experiment and learn how some of the OWASP Top 10 security risks apply to web applications developed using Node.js, and also how to fix the mitigate these concerns.