https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/

Skip to the content.

Secure Coding and Deployment Hardening Guidelines

Documentation, specifications and code from the Security Working
Group of the Erlang Ecosystem Foundation

View on GitHub

Secure Coding and Deployment Hardening Guidelines

Best-practices for writing and running applications on the BEAM, by
the Erlang Ecosystem Foundation's Security Working Group.

To report mistakes or suggest additional content, please open an
issue or create a pull request in the GitHub repository.

Contents

  * Introduction
  * Secure Coding Recommendations
      + Preventing atom exhaustion
      + Serialisation and deserialisation
      + Spawning external executables
      + Protecting sensitive data
      + Sandboxing untrusted code
      + Preventing timing attacks
      + Erlang standard library: ssl
      + Erlang standard library: inets
      + Erlang standard library: crypto
      + Erlang standard library: public_key
      + Erlang standard library: xmerl
      + Boolean coercion in Elixir
  * Deployment Hardening
      + Installing/building the runtime system
      + Releases
      + Distribution
      + Crash dumps and core dumps
  * Resources

Next: Introduction >> security-wg is maintained by erlef. This page
was generated by GitHub Pages.