Have you ever gotten into a heated argument about typed versus untyped languages? Have you ever thought about what could prove to your friends who love Javascript (boo) that Typescript is better? Well, today we’ll give you some solid evidence: we’re going to talk about how we used branded types in order to prevent multiple classes of vulnerabilities throughout our codebase. With the help of Typescript’s typing system, we were able to ensure that user input was validated, and defend against SSRFs and other vulnerabilities. With the help of branded types, we not only improved our application-layer defense, but also made it easier to catch possible security bugs with static analysis.