Join our colleagues Michael Koppmann, senior information security consultat at SBA Research, and Mathias Tausig, information security consultant at SBA Research Research for their talks on Got Any excuses? Wie man sicheren TypeScript-Code erzwingen kann and Das TPM und Du: Wie man das TPM tatsächliche verwenden kann.
Talks
Got Any excuses? Wie man sicheren TypeScript-Code erzwingen kann
Although TypeScript is becoming increasingly popular, many projects still suffer from security issues that are more typical of JavaScript. This happens because the complexity of TypeScript is introduced into development without fully leveraging its advantages.
In this talk, Michael explores how security in TypeScript can be enforced through design decisions. He discusses compiler flags and covers lesser-known patterns from functional languages, such as sum types and pattern matching, which enable writing more robust code.
Practical examples in TypeScript demonstrate how security aspects can be shifted into the type system so that the compiler can enforce them.
Das TPM und Du: Wie man das TPM tatsächliche verwenden kann
It is often said that cryptography is the science that turns any security problem into a key management problem. But what if we could make life a bit easier here?
TPMs (Trusted Platform Modules) have been a standard component of every PC for many years, providing all users with “free” cryptographic hardware. These modules are already used extensively—though mostly hidden—by our operating systems and firmware, but they have found little application in userspace so far.
This talk explains the capabilities of a TPM and, above all, how you can make use of it in your daily work.
Speaker
Michael Koppmann is a Senior Information Security Consultant at SBA Research. His focus is on the technical aspects of IT security, particularly in the form of penetration testing. In addition to his consulting work, he is active as a trainer and speaker, sharing his knowledge in trainings and at professional conferences. His research interests include secure and sustainable software development.
Mathias Tausig is a trained mathematician and has professional experience as a Security Officer, developer, sysadmin, as well as a university lecturer for IT security. He is currently working as a Security Consultant, focusing on penetration testing, trainings, and application security. As a speaker, he has appeared at events such as heise devSec, sec4dev, WeAreDevelopers, Linuxwochen, and the CCC Easterhegg.