When deploying your Elixir/Phoenix application, it seems like there is a never ending list of security problems to worry about. XSS, CSRF, RCE, timing attacks, the list of acronyms and jargon goes on. How should you get started securing your Elixir app? What is worth focusing on?
This training will be an introduction to the web application security concepts most relevant to Elixir applications, common vulnerabilities, and recommended best practices.
- Introduce web application security vulnerabilities, and how they occur in Elixir applications
- Show vulnerable code in Elixir/Phoenix, and have students run the code locally to understand how it works
- Demonstrate tools to prevent and fix these vulnerabilities
OBJECTIVES: Give students the necessary knowledge to keep their applications safe from attack.
PREREQUISITES: https://github.com/securityelixir/potion_shop