134: Inside the Security Working Group

We get a glimpse into the EEF's Security Working Group with Bram Verburg. We learn about existing resources available to the community and we get hints of work underway for the future. Bram shares some cool security tips and insights as well! Show Notes online - http://podcast.thinkingelixir.com/134 Elixir Community News http://example.com/ – Example website https://github.com/phoenixframework/phoenix/blob/master/CHANGELOG.md – New release candidate for Phoenix! 1.7.0-rc.1 https://github.com/phoenixframework/phoenix_live_view/blob/master/CHANGELOG.md – New minor Phoenix LiveView releases https://twitter.com/whatyouhide/status/1610675036108771328 – Andrea Leopardi published his second video where he works through the ProtoHackers.com challenges using Elixir https://github.com/sorentwo/oban/pull/819 – Oban now supports SQLite3 https://github.com/JohnnyCurran/TimeTravel – Time Travel with LiveView events https://www.chriis.dev/opinion/setting-up-a-google-chrome-shortcut-to-elixir-documentation-in-30-seconds – Chris Gregori shared a post about setting up a Google Chrome shortcut to Elixir documentation https://twitter.com/benvp_/status/1610884773387321345 – Tip for saving hex docs offline locally https://twitter.com/theerlef/status/1611076916957843456 – erlef/setup-beam v1.15.1 has been released https://github.com/erlef/setup-beam/releases/tag/v1.15.1 https://github.com/elixir-nx/ex_faiss – Sean Morriarity released a new library in the Nx family called ex_faiss https://dockyard.com/blog/2023/01/04/search-and-clustering-with-exfaiss – Blog post to accompany ex_faiss https://github.com/lexmag – Core team Aleksei https://github.com/am-kantox – Finitomata Aleksei https://twitter.com/yburyug/status/1611125098286813184 – Fun Phoenix success story Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at [email protected] Discussion Resources https://erlef.github.io/security-wg/ https://erlef.org/wg/security https://github.com/erlef/security-wg https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/ https://podcast.thinkingelixir.com/64 – OTP Certificate Woes with Bram Verburg https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/releases – Section on releases and Erlang's ability to conditionally include the compiler https://bluecode.com/en/ https://www.linkedin.com/in/FrancescoCesarini https://podcast.thinkingelixir.com/122 – Interview with Holden Oullette about Elixir Secure Coding Training for teams https://en.wikipedia.org/wiki/Whac-A-Mole https://podcast.thinkingelixir.com/131 – Interview with Michael Lubas about securing Elixir and Phoenix applications https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/crash_dumps https://github.com/voltone/x509/ https://github.com/beam-telemetry/telemetry https://www.lua.org/start.html https://www.cisa.gov/uscert/bsi/articles/knowledge/sdlc-process/secure-software-development-life-cycle-processes – Secure Software Development Lifecycle https://github.com/nccgroup/sobelow https://github.com/rrrene/credo https://en.wikipedia.org/wiki/Data-flow_analysis https://erlef.org/ https://members.erlef.org/join-us Guest Information https://twitter.com/voltonez – on Twitter https://fosstodon.org/@voltone – on Fediverse https://github.com/voltone – on Github https://blog.voltone.net/ – Blog Find us online Message the show - @ThinkingElixir Message the show on Fediverse - @[email protected] Email the show - [email protected] Mark Ericksen - @brainlid Mark Ericksen on Fediverse - @[email protected] David Bernheisel - @bernheisel David Bernheisel on Fediverse - @[email protected] Cade Ward - @cadebward Cade Ward on Fediverse - @[email protected] Sponsored By:Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!