Matt Ludwigs

Matt Ludwigs

Senior Software Engineer, River

Matt Ludwigs has been writing Elixir since 2016. During this time has worked across the full stack from Nerves to Phoenix. He is currently leading the application security efforts at River.

When he’s not hacking on software, you’ll likely find him spending time with his family or practicing the gentle art of jiu-jitsu.

Talk:
The Alchemy of Security: Crafting Secure Applications in Elixir

As Elixir developers, we have the privilege of building cool, cutting-edge applications with Phoenix, LiveView, and more. But while we’re busy crafting these innovative solutions, there’s a constant, evolving threat—attackers who are always scheming to exploit vulnerabilities in the systems we build. They never stop, and neither should we.

In this talk, we’ll explore how to evolve alongside these threats, adopting proactive security measures to protect our users and our applications. I’ll cover general AppSec best practices and dive into Elixir-specific considerations, tools, and strategies that help us defend our apps in production. You’ll learn how to identify common security pitfalls, protect sensitive data, secure APIs, and much more. We’ll also look at the tools that help automate and strengthen your security posture.

If you’re an Elixir developer who wants to ensure the safety of your applications and users, this talk is for you. Let’s conspire to stay one step ahead of attackers and build resilient systems together.

Key Takeaways:

  • Practical AppSec Strategies: Learn general application security best practices that are essential for securing any web application, including Elixir apps.
  • Elixir-Specific Security Considerations: Understand how to apply security principles specifically within the Elixir ecosystem, including Phoenix and LiveView.
  • Tools and Automation: Discover tools and techniques to help automate and streamline security processes, making it easier to maintain a secure application.
  • Real-World Application: Gain actionable insights and strategies that can be immediately applied to Elixir projects to safeguard users and data.
  • Building Resilient Systems: Learn how to stay ahead of attackers and ensure your apps are prepared to defend against evolving threats.

Target Audience:

  • This talk is for anyone running a Phoenix application in production who wants to strengthen its security — both at the organizational level and in the code itself.
  • It’s also a great fit for developers looking to take the lead in driving application security initiatives within their teams or companies.