SAFE & OIDCC Audit + BEAM Security—Webinar Recordings

Hi all,

I recently sat down with @dali32 from the SAFE team at Erlang Solutions for two new security-focused webinars. If BEAM security is on your radar, give these a look before they disappear into the noise of your watch-later list.

Part 1 – SAFE & OIDCC

  • Building a full-fat OpenID Connect client for the BEAM
  • What an external SAFE audit actually looks like
  • The single String.to_atom pitfall we found and fixed
  • Using GitHub private advisories for responsible disclosure
  • Why third-party reviews are worth the hassle

Part 2 – Security & the BEAM Ecosystem

  • Why the Erlang Ecosystem Foundation became a CVE Numbering Authority
  • Grabbing and acting on fresh BEAM CVE data
  • Retiring vulnerable package versions on Hex
  • Supply-chain hardening via the Ægis initiative
  • Ways to get involved through the Security Working Group

Enjoy the videos, and let me know what you think!
