Elixir Application Security

Michael Lubas


Altis Grand Hotel


Security is critical for Elixir and Phoenix applications running in production. There are many resources available for developers looking to learn about this topic, so many that it can be difficult to prioritize the most important topics.

This training will introduce students to the web application security concepts most relevant for Elixir and Phoenix developers. Students will get practical hands-on experience with security problems through lab exercises. The open source vulnerable Elixir application Potion Shop will be used for these labs. - https://github.com/securityelixir/potion_shop

Topics will include:

  1. An introduction to web application security issues, and which types of vulnerabilities are most relevant to Elixir developers.
  2. Hands on labs showing how to exploit and defend against these vulnerabilities (XSS, RCE, CSRF, etc). If these acronyms mean nothing to you, by the end of course you will understand all of them.
  3. How to use open source tools to detect and fix security problems in your own applications.


  1. Help students understand common security issues.
  2. Show students the tools and techniques to prevent security vulnerabilities.
  3. Inspire students to apply this knowledge in their own professional work.

PREREQUISITES: You should be familiar with the basics of Elixir and Phoenix.

Experience level: