Latest #security Threads Top

paulsabou
Software in regulated industries must comply with: Auditability laws that require tamper-proof, long-term storage of event logs Privacy...
New
maennchen
One package. One update. A worm crawling through the BEAM ecosystem. A dark “what if” — and how we can stop it before it’s real.
New
brainlid
Episode 269 of Thinking Elixir. News includes the release of Expert, the new official Elixir LSP that’s already supported by Zed editor, ...
New
CodeSync
Developing Secure Web Applications with Phoenix - Eli Kroumova | ElixirConf EU 2025 Comments welcome! View the <span clas...
New
AstonJ
Following on from part of the discussion in the Digital Nomads &amp; Frequent Travellers (Tips/Advice/Chat) thread, I thought it might be...
New
realcorvus
Monday, August 4, 6pm MDT the online Denver Elixir Meetup is happening! Join for a talk by Holden Oullette, “What’s Next for Elixir Secur...
New
brainlid
Episode 258 of Thinking Elixir. News includes the first CVE released under EEF’s new CNA program for an Erlang zip traversal vulnerabilit...
New
brainlid
Episode 250 of Thinking Elixir. News includes EEF board elections with voting beginning May 9th, Gleam v1.10.0 enhancing security with SB...
New
zachdaniel
Hey folks, we have a minor CVE issued for AshAuthentication. Please read the CVE and update accordingly. Relatively low severity, can’t c...
New
brainlid
Episode 248 of Thinking Elixir. News includes a new Elixir case study about Cyanview’s camera shading technology used at major events lik...
New

This Week's Trending Top

This Month's Trending Top

This Year's Trending Top

type1fool
WebAuthnLiveComponent WebAuthnComponents See this post about renaming the package. Passwordless authentication for Phoenix LiveView app...
New
maennchen
One package. One update. A worm crawling through the BEAM ecosystem. A dark “what if” — and how we can stop it before it’s real.
New
AstonJ
Following on from part of the discussion in the Digital Nomads &amp; Frequent Travellers (Tips/Advice/Chat) thread, I thought it might be...
New
CodeSync
Developing Secure Web Applications with Phoenix - Eli Kroumova | ElixirConf EU 2025 Comments welcome! View the <span clas...
New
brainlid
Episode 269 of Thinking Elixir. News includes the release of Expert, the new official Elixir LSP that’s already supported by Zed editor, ...
New
paulsabou
Software in regulated industries must comply with: Auditability laws that require tamper-proof, long-term storage of event logs Privacy...
New
realcorvus
Monday, August 4, 6pm MDT the online Denver Elixir Meetup is happening! Join for a talk by Holden Oullette, “What’s Next for Elixir Secur...
New

Last Three Year's Trending Top

paulanthonywilson
I had a bit of a mini-adventure following Sobelow’s advice on adding a CSP to a Phoenix App. If you want to follow along, or want to add ...
New
tangui
Hi all, The last weeks I’ve been working on a library implementing the server side of WebAuthn: Wax. Link: https://github.com/tanguilp/...
New
voltone
Erlang/OTP’s :public_key application provides a set of high-level APIs for working with common PKI-related data structures. Under the hoo...
New
maennchen
Following up on the discussion on Elixir Slack. It would be really cool if hex.pm would provide a feature like the “Report A Vulnerabili...
New
realcorvus
This document is to help you prevent a data breach due to your Elixir web application being hacked. It covers strategic and technical wor...
New
wtcross
I am seeking guidance on security concerns when using 3rd party APIs within a LiveView. Ory Kratos is an API-first identity and user mana...
New
AstonJ
Following on from this post in Do you use LittleSnitch or the equivalent on your OS? I think it might be worth us creating this thread so...
New
vmg-dev
As the title says, I want to run untrusted code in a v8 isolate and I’m wondering if elixir processes provide similar isolation as os pro...
New
brainlid
Episode 173 of Thinking Elixir. We delve into the tricky world of cybersecurity with our guest, Michael Lubas. We touch on the widely-dis...
New
david_ex
This library aims to make data leak prevention straightforward and convenient, by making it easy to follow most of the Erlang Ecosystem F...
New
ryanzidago
Why is it recommended (from the official Cloak doc) to do this: # Assumes that you have a CLOAK_KEY environment variable containing a ke...
New
mattludwigs
Hey Elixir friends! I stumbled across an interesting library in the Python community called spidertrap. It traps scanners, spambots, and...
New
scherrey
We’re trying to build out some infrastructure to allow machine owners with GPUs to “rent out” their machines and allow remote users to pu...
New
jtdowney
I wanted to announce that I recently released a new Elixir library, ExAcme, for interacting with RFC 8555-compliant ACME servers like Let...
New
zachdaniel
Hey folks, we have a minor CVE issued for AshAuthentication. Please read the CVE and update accordingly. Relatively low severity, can’t c...
New

Trending Over Three Years Top

Eiji
At start some definitions: HTTPS (is a protocol for secure communication over a computer network which is widely used on the Internet) -...
New
ferd
Bad news. You have to upgrade Rebar3. We just noticed that SSL validation had been partially disabled for years. I’ve written up all the...
New
Crowdhailer
I’m trying to set up an elixir application that uses OpenID connect for authentication. I don’t want to roll my own security so I am usin...
New
voltone
Generates a dependency inventory, or “Software Bill-of-Materials” (SBoM), including package versions and licenses, in a format that can b...
New
vlad.grb
Is there any way to protect and obfuscate my elixir application? Is it required at all? As I understood I can remove debug info but does ...
New
jstlroot
Good day to you all, beloved Elixir community! :heart: I was wondering if, for security reasons, introspection of certain fields could b...
New
easco
The Mix.Shell.IO module allows me to prompt the user for some information. I would like to use that functionality in a script I am writi...
New
xtian
Hey everyone- I’ve released a new version of my library plug_content_security_policy, which aids in the generation of CSP headers for Plu...
New
hst337
SecretVault :lock: All-in-one solution for storing your secrets inside repository. Overview It is a lightweight zero-dependency soluti...
New
danish
Hi All, I am trying to sign a string with a an engine stored private key. my engine loads fine, but I am getting an argument error on :...
New
voltone
The EEF’s Security WG has released the first public draft of the Secure Coding and Deployment Hardening Guidelines for BEAM languages. “...
New
voltone
Erlang/OTP 23.2.2 is out, fixing a critical TLS certificate verification issue in 23.2 an 23.2.1 allowing MitM attacks and forged client ...
New
ruslansavenok
I have a phoenix app deployed as distillery release. By default, distillery sets node name to app_name@127.0.0.1 and cookie to app_name....
New
defsprite
Is there a well known Phoenix/Elixir project similar to the OWASP Webgoat or railsgoat projects? The “goat” projects usually showcase co...
New
lawik
Elixir uses OpenSSL through Erlang. I don’t know the details of how that is handled very well. I imagine we are exposed to this undisclo...
New
  • Follow
  • Join
  • Shape
the conversation

Latest on Elixir Forum

Elixir Forum

Similar Portals

    None added yet

We're in Beta

About us Mission Statement