Wednesday
Room 1
10:20 - 11:20
(UTC+02)
Talk (60 min)
Securing React with Trusted Types
Cross-Site Scripting is game over! We've been hearing this for a while now. Unfortunately, it is still more than relevant in the world of React-based frontends. While React helps a bit, it still leaves too much to developers, aptly illustrated by numerous XSS vulnerabilities discovered in React apps. No more. In this session, we look at Trusted Types, a platform-based defense that will eradicate XSS vulnerabilities in frontends. We investigate how Trusted Types can stop typical React XSS attacks. Additionally, we explore how to configure Trusted Types for your entire application. You will walk away with a solid knowledge of Trusted Types and actionable advice to get started with Trusted Types.
Philippe De Ryck
Philippe De Ryck specializes in making web security accessible to developers and architects, leveraging his Ph.D. from KU Leuven to inform his comprehensive understanding of security challenges. As the founder of Pragmatic Web Security, he provides practical security training and consulting services to organizations worldwide.
His online course platform offers a self-paced approach to learning about security. Philippe also actively helps shape OAuth 2.0 best practices as the co-author of the best practices for browser-based apps specification.
Philippe is recognized as a Google Developer Expert, acknowledging his contributions to web application and API security. He also organizes SecAppDev, an annual week-long application security course in Belgium.