COD 268 – Mitigating TypeScript Application Vulnerabilities

Course Overview

TypeScript is an object-oriented and strongly typed language that enhances JavaScript’s capabilities. It enables software development teams to specify the types of data and generates error reports whenever the types don’t match. This course will provide an overview of TypeScript’s best practices.

The course is designed for the NICE Workforce Specialty Areas of Software Development (DEV), Vulnerability Assessment and Management (VAM), Systems Requirements Planning (SRP), and Systems Development (SYS). The course objectives are aligned with Amazon’s TypeScript best practice guidelines and the NIST Cybersecurity Framework.

After successfully completing this course, you will be equipped with the knowledge and skills required to:

• Apply best practices for describing data, using “enum” constructs, and avoiding “any”
• Scope conservatively to avoid name collisions and loss of data integrity
• Use and extend interfaces while avoiding empty interfaces
• Use design patterns such as abstract factories and factory methods
• Use access modifiers to encapsulate and protect data in objects
• Define and use standard naming conventions
• Use ESLint or other TypeScript-aware static analysis tools