![Elixir Mix artwork](https://is1-ssl.mzstatic.com/image/thumb/Podcasts123/v4/08/b3/62/08b362b6-e888-71de-a835-8480355aa09a/mza_767768620257170873.jpg/100x100bb.jpg)
Episode 56: EMx 056: Sobelow and Security with Griffin Byatt
Elixir Mix
English - June 18, 2019 10:00 - 46 minutes - 46.3 MB
Sponsors
Sentry: use the code “devchat” for 2 months free on the Sentry small plan
Triplebyte offers a $1000 signing bonus
CacheFly
Panel
Mark Ericksen
Josh Adams
Joined by Special Guest: Griffin Byatt
Summary
Griffin Byatt shares his background and what he is doing now as a security consultant for NCC Group. The panel discusses his security library, Sobelow, and their experiences using it. Griffin explains how it works, how it came into being, and what its goal is. The panel asks who contributes to Sobelow, and Griffin invites anyone to contribute. They discuss vulnerabilities that are commonly seen across all frameworks and those specific to Elixir. Elixir’s security features are considered, and Griffin shares his experiences working to improve the ecosystem. Griffin gives advice and recommends resources to developers.
Links
Substitute Teacher - Key & Peele
https://www.nccgroup.trust/us/
https://brakemanscanner.org/
https://github.com/nccgroup/sobelow
https://github.com/nccgroup/sobelow/blob/master/lib/sobelow/traversal/file_module.ex
https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
ElixirConf 2017 - Plugging the Security Holes in Your Phoenix Application - Griffin Byatt
https://github.com/ueberauth/guardian
https://oauth.net/
https://github.com/riverrun/phauxth
https://github.com/riverrun/comeonin
https://www.owasp.org/
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
https://griffinbyatt.com/
https://twitter.com/griffinbyatt
https://twitter.com/elixir_mix
https://www.facebook.com/Elixir-Mix
Picks
Mark Ericksen:
https://stedolan.github.io/jq
https://github.com/elixir-lang/elixir/releases
Josh Adams:
https://librem.one/
https://puri.sm/products/librem-5/
Griffin Byatt:
https://www.freehaven.net/anonbib/
https://www.nccgroup.trust/us/our-research/assessing-unikernel-security/?research=Whitepapers
Special Guest: Griffin Byatt.