Michael Lubas on the Future of Elixir Security

In today's episode of Elixir Wizards, Michael Lubas, founder of Paraxial.io, joins hosts Owen Bickford and Bilal Hankins to discuss security in the Elixir and Phoenix ecosystem. Lubas shares his insights on the most common security risks developers face, recent threats, and how Elixir developers can prepare for the future. Common security risks, including SQL injection and cross-site scripting, and how to mitigate these threats The importance of rate limiting and bot detection to prevent spam SMS messages Continuous security testing to maintain a secure application and avoid breaches Tools and resources available in the Elixir and Phoenix ecosystem to enhance security The Guardian library for authentication and authorization Take a drink every time someone says "bot" The difference between "bots" and AI language models The potential for evolving authentication, such as Passkeys over WebSocket How Elixir compares to other languages due to its immutability and the ability to trace user input Potion Shop, a vulnerable Phoenix application designed to test security Talking Tom, Sneaker Bots, and teenage hackers! The importance of security awareness and early planning in application development The impact of open-source software on application security How to address vulnerabilities in third-party libraries Conducting security audits and implementing security measures Links in this episode: Michael Lubas Email - michael@paraxial.io LinkedIn - https://www.linkedin.com/in/michaellubas/ Paraxial.io - https://paraxial.io/ Blog/Mailing List - https://paraxial.io/blog/index Potion Shop - https://paraxial.io/blog/potion-shop Elixir/Phoenix Security Live Coding: Preventing SQL Injection in Ecto Twitter - https://twitter.com/paraxialio LinkedIn - https://www.linkedin.com/company/paraxial-io/ GenServer Social - https://genserver.social/paraxial YouTube - https://www.youtube.com/@paraxial5874 Griffin Byatt on Sobelow: ElixirConf 2017 - Plugging the Security Holes in Your Phoenix Application Erlang Ecosystem Foundation: Security Working Group - https://erlef.org/wg/security Article by Bram - Client-Side Enforcement of LiveView SecuritySpecial Guest: Michael Lubas.

Om Podcasten

Elixir Wizards is an interview-style podcast for anyone interested in functional programming and the Elixir Programming Language. Hosted by SmartLogic engineers and Elixirists Owen Bickford, Dan Ivovich, and Sundi Myint, this show features in-depth discussions with some of the brightest minds in the industry, discussing training and documentation in Phoenix LiveView, the evolution of programming languages, Erlang VM, and more. In the current season, we're branching out from Elixir to compare notes with thought leaders and software engineers from programming languages like JavaScript, Ruby on Rails, Go, Scala, Java, and more. Each episode will take a deep dive into a topic from Machine Learning and AI, to ECS and game development, to education and community. Learn more about how SmartLogic uses Phoenix and Elixir. (https://smartlogic.io/phoenix-and-elixir?utm_source=podcast)