Latest #security Threads 
Software in regulated industries must comply with:
Auditability laws that require tamper-proof, long-term storage of event logs
Privacy...
New
One package.
One update.
A worm crawling through the BEAM ecosystem.
A dark “what if” — and how we can stop it before it’s real.
New
Episode 269 of Thinking Elixir. News includes the release of Expert, the new official Elixir LSP that’s already supported by Zed editor, ...
New
Developing Secure Web Applications with Phoenix - Eli Kroumova | ElixirConf EU 2025
Comments welcome! View the <span clas...
New
Following on from part of the discussion in the Digital Nomads & Frequent Travellers (Tips/Advice/Chat) thread, I thought it might be...
New
Monday, August 4, 6pm MDT the online Denver Elixir Meetup is happening! Join for a talk by Holden Oullette, “What’s Next for Elixir Secur...
New
Episode 258 of Thinking Elixir. News includes the first CVE released under EEF’s new CNA program for an Erlang zip traversal vulnerabilit...
New
Episode 250 of Thinking Elixir. News includes EEF board elections with voting beginning May 9th, Gleam v1.10.0 enhancing security with SB...
New
Hey folks, we have a minor CVE issued for AshAuthentication. Please read the CVE and update accordingly. Relatively low severity, can’t c...
New
Episode 248 of Thinking Elixir. News includes a new Elixir case study about Cyanview’s camera shading technology used at major events lik...
New
This Week's Trending
This Month's Trending
This Year's Trending
WebAuthnLiveComponent WebAuthnComponents
See this post about renaming the package.
Passwordless authentication for Phoenix LiveView app...
New
One package.
One update.
A worm crawling through the BEAM ecosystem.
A dark “what if” — and how we can stop it before it’s real.
New
Following on from part of the discussion in the Digital Nomads & Frequent Travellers (Tips/Advice/Chat) thread, I thought it might be...
New
Developing Secure Web Applications with Phoenix - Eli Kroumova | ElixirConf EU 2025
Comments welcome! View the <span clas...
New
Episode 269 of Thinking Elixir. News includes the release of Expert, the new official Elixir LSP that’s already supported by Zed editor, ...
New
Software in regulated industries must comply with:
Auditability laws that require tamper-proof, long-term storage of event logs
Privacy...
New
Monday, August 4, 6pm MDT the online Denver Elixir Meetup is happening! Join for a talk by Holden Oullette, “What’s Next for Elixir Secur...
New
Last Three Year's Trending
I had a bit of a mini-adventure following Sobelow’s advice on adding a CSP to a Phoenix App. If you want to follow along, or want to add ...
New
Hi all,
The last weeks I’ve been working on a library implementing the server side of WebAuthn: Wax.
Link: https://github.com/tanguilp/...
New
Erlang/OTP’s :public_key application provides a set of high-level APIs for working with common PKI-related data structures. Under the hoo...
New
Following up on the discussion on Elixir Slack.
It would be really cool if hex.pm would provide a feature like the “Report A Vulnerabili...
New
This document is to help you prevent a data breach due to your Elixir web application being hacked. It covers strategic and technical wor...
New
I am seeking guidance on security concerns when using 3rd party APIs within a LiveView. Ory Kratos is an API-first identity and user mana...
New
Following on from this post in Do you use LittleSnitch or the equivalent on your OS? I think it might be worth us creating this thread so...
New
As the title says, I want to run untrusted code in a v8 isolate and I’m wondering if elixir processes provide similar isolation as os pro...
New
Episode 173 of Thinking Elixir. We delve into the tricky world of cybersecurity with our guest, Michael Lubas. We touch on the widely-dis...
New
This library aims to make data leak prevention straightforward and convenient, by making it easy to follow most of the Erlang Ecosystem F...
New
Why is it recommended (from the official Cloak doc) to do this:
# Assumes that you have a CLOAK_KEY environment variable containing a ke...
New
Hey Elixir friends!
I stumbled across an interesting library in the Python community called spidertrap. It traps scanners, spambots, and...
New
We’re trying to build out some infrastructure to allow machine owners with GPUs to “rent out” their machines and allow remote users to pu...
New
I wanted to announce that I recently released a new Elixir library, ExAcme, for interacting with RFC 8555-compliant ACME servers like Let...
New
Hey folks, we have a minor CVE issued for AshAuthentication. Please read the CVE and update accordingly. Relatively low severity, can’t c...
New
Trending Over Three Years
At start some definitions:
HTTPS (is a protocol for secure communication over a computer network which is widely used on the Internet) -...
New
Bad news. You have to upgrade Rebar3. We just noticed that SSL validation had been partially disabled for years.
I’ve written up all the...
New
I’m trying to set up an elixir application that uses OpenID connect for authentication. I don’t want to roll my own security so I am usin...
New
Generates a dependency inventory, or “Software Bill-of-Materials” (SBoM), including package versions and licenses, in a format that can b...
New
Is there any way to protect and obfuscate my elixir application? Is it required at all? As I understood I can remove debug info but does ...
New
Good day to you all, beloved Elixir community! :heart:
I was wondering if, for security reasons, introspection of certain fields could b...
New
The Mix.Shell.IO module allows me to prompt the user for some information. I would like to use that functionality in a script I am writi...
New
Hey everyone- I’ve released a new version of my library plug_content_security_policy, which aids in the generation of CSP headers for Plu...
New
SecretVault :lock:
All-in-one solution for storing your secrets inside repository.
Overview
It is a lightweight zero-dependency soluti...
New
Hi All,
I am trying to sign a string with a an engine stored private key.
my engine loads fine, but I am getting an argument error on :...
New
The EEF’s Security WG has released the first public draft of the Secure Coding and Deployment Hardening Guidelines for BEAM languages.
“...
New
Erlang/OTP 23.2.2 is out, fixing a critical TLS certificate verification issue in 23.2 an 23.2.1 allowing MitM attacks and forged client ...
New
I have a phoenix app deployed as distillery release.
By default, distillery sets node name to app_name@127.0.0.1 and cookie to app_name....
New
Is there a well known Phoenix/Elixir project similar to the OWASP Webgoat or railsgoat projects?
The “goat” projects usually showcase co...
New
Elixir uses OpenSSL through Erlang. I don’t know the details of how that is handled very well.
I imagine we are exposed to this undisclo...
New
Latest on Elixir Forum
Get money off!
The Pragmatic Bookshelf
35% off any eBook
Manning Publications
45% off any item
ElixirCasts
10% off for life
The Pragmatic Studio
20% off any course
AppSignal
10% off for 12 months
Honeybadger
10% off for 12 months
Simply use coupon code "devtalk.com" or "elixirforum" at checkout!
Filter by Type:
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #ash-questions
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #exunit
- #discussion
- #javascript
- #elixirconf
- #library
- #oban-questions
- #dialyzer
- #docker
- #onsite
- #authentication
- #podcasts
- #full-time-contract
- #umbrella
- #code-sync
- #ecto-query
- #phoenix_html
- #iex
- #graphql
- #genstage
- #elixir-ls
- #nerves-questions
- #podcasts-by-brainlid
- #supervisor
- #websockets
- #distillery
- #advent-of-code
- #blog-post
- #livebook-questions
- #processes
- #forms
- #api
- #metaprogramming







