Phoenix Application Security

When deploying your Phoenix application, it seems like there is a never ending list of security problems to worry about. XSS, CSRF, RCE, timing attacks, the list of acronyms and jargon goes on. How should you get started securing your Phoenix app? What is worth focusing on?

This training will be an introduction to the web application security concepts most relevant to Phoenix applications, common vulnerabilities, and recommended best practices.

Training objectives:

• Introduce web application security vulnerabilities, and how they occur in Phoenix applications
• Show vulnerable code in Elixir/Phoenix, and have students run the code locally to understand how it works
• Demonstrate tools to prevent and fix these vulnerabilities