On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
תוכן מסופק על ידי SmartLogic LLC. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי SmartLogic LLC או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לElixir Wizards
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 13 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell (@jcutrell), co-founder of Spec and Director of Engineering at PBS. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Twitter: @developertea :: Email: deve ...
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Exploring React Native Together
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
Michael Lubas on the Future of Elixir Security
Manage episode 359982723 series 2493466
תוכן מסופק על ידי SmartLogic LLC. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי SmartLogic LLC או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
In today's episode of Elixir Wizards, Michael Lubas, founder of Paraxial.io, joins hosts Owen Bickford and Bilal Hankins to discuss security in the Elixir and Phoenix ecosystem. Lubas shares his insights on the most common security risks developers face, recent threats, and how Elixir developers can prepare for the future.
- Common security risks, including SQL injection and cross-site scripting, and how to mitigate these threats
- The importance of rate limiting and bot detection to prevent spam SMS messages
- Continuous security testing to maintain a secure application and avoid breaches
- Tools and resources available in the Elixir and Phoenix ecosystem to enhance security
- The Guardian library for authentication and authorization
- Take a drink every time someone says "bot"
- The difference between "bots" and AI language models
- The potential for evolving authentication, such as Passkeys over WebSocket
- How Elixir compares to other languages due to its immutability and the ability to trace user input
- Potion Shop, a vulnerable Phoenix application designed to test security
- Talking Tom, Sneaker Bots, and teenage hackers!
- The importance of security awareness and early planning in application development
- The impact of open-source software on application security
- How to address vulnerabilities in third-party libraries
- Conducting security audits and implementing security measures
Links in this episode:
Michael Lubas
Email - michael@paraxial.io
LinkedIn - https://www.linkedin.com/in/michaellubas/
Paraxial.io - https://paraxial.io/
Blog/Mailing List - https://paraxial.io/blog/index
Potion Shop - https://paraxial.io/blog/potion-shop
Elixir/Phoenix Security Live Coding: Preventing SQL Injection in Ecto
Twitter - https://twitter.com/paraxialio
LinkedIn - https://www.linkedin.com/company/paraxial-io/
GenServer Social - https://genserver.social/paraxial
YouTube - https://www.youtube.com/@paraxial5874
Griffin Byatt on Sobelow: ElixirConf 2017 - Plugging the Security Holes in Your Phoenix Application
Erlang Ecosystem Foundation: Security Working Group - https://erlef.org/wg/security
Article by Bram - Client-Side Enforcement of LiveView Security
Special Guest: Michael Lubas.
182 פרקים
שתפו
Manage episode 359982723 series 2493466
תוכן מסופק על ידי SmartLogic LLC. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי SmartLogic LLC או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
In today's episode of Elixir Wizards, Michael Lubas, founder of Paraxial.io, joins hosts Owen Bickford and Bilal Hankins to discuss security in the Elixir and Phoenix ecosystem. Lubas shares his insights on the most common security risks developers face, recent threats, and how Elixir developers can prepare for the future.
- Common security risks, including SQL injection and cross-site scripting, and how to mitigate these threats
- The importance of rate limiting and bot detection to prevent spam SMS messages
- Continuous security testing to maintain a secure application and avoid breaches
- Tools and resources available in the Elixir and Phoenix ecosystem to enhance security
- The Guardian library for authentication and authorization
- Take a drink every time someone says "bot"
- The difference between "bots" and AI language models
- The potential for evolving authentication, such as Passkeys over WebSocket
- How Elixir compares to other languages due to its immutability and the ability to trace user input
- Potion Shop, a vulnerable Phoenix application designed to test security
- Talking Tom, Sneaker Bots, and teenage hackers!
- The importance of security awareness and early planning in application development
- The impact of open-source software on application security
- How to address vulnerabilities in third-party libraries
- Conducting security audits and implementing security measures
Links in this episode:
Michael Lubas
Email - michael@paraxial.io
LinkedIn - https://www.linkedin.com/in/michaellubas/
Paraxial.io - https://paraxial.io/
Blog/Mailing List - https://paraxial.io/blog/index
Potion Shop - https://paraxial.io/blog/potion-shop
Elixir/Phoenix Security Live Coding: Preventing SQL Injection in Ecto
Twitter - https://twitter.com/paraxialio
LinkedIn - https://www.linkedin.com/company/paraxial-io/
GenServer Social - https://genserver.social/paraxial
YouTube - https://www.youtube.com/@paraxial5874
Griffin Byatt on Sobelow: ElixirConf 2017 - Plugging the Security Holes in Your Phoenix Application
Erlang Ecosystem Foundation: Security Working Group - https://erlef.org/wg/security
Article by Bram - Client-Side Enforcement of LiveView Security
Special Guest: Michael Lubas.
182 פרקים
כל הפרקים
×
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לElixir Wizards
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 13 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell (@jcutrell), co-founder of Spec and Director of Engineering at PBS. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Twitter: @developertea :: Email: deve ...
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Exploring React Native Together
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
