Securing Your Systems By Befriending Ghosts

How often do you worry about forgetting to validate an input? Or escaping it correctly to prevent injection attacks? How often do you worry about changing your logs and accidentally leaking personal (or secret!) data?

Sure, we’ve all learned to live with these worries, but things don’t have to be this way. Meet your new (old) best friend: the type system. We’ll see how a single technique of types as capabilities can be used to express and enforce security constraints throughout your system. And then see it in practice in TypeScript. This technique liberates you from worrying about leaks and injection attacks by leveraging your existing build pipeline to automate these audits so you can spend that energy creating smooother experiences for your users.