erlef / security-wg

Repo for the Security Working Group
https://erlef.github.io/security-wg/

Documentation: testing guide #21

Open voltone opened 2 years ago

voltone commented 2 years ago

Create a 'testing guide' aimed at security professionals with little or no experience with the BEAM platform. The document should provide both background information, with links to relevant resources, and concrete examples of verification tests that show necessary hardening is in place.

Please add any suggestions for topics that we might cover as comments in this ticket.

voltone commented 2 years ago

Erlang distribution protocol: overview, risks, EPMD, network interface binding, security mechanisms, TLS transport, ...
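One concrete verification test for the EPMD part of this topic, added here as an example and not taken from the issue, the working group, or Erlang/OTP itself: EPMD (TCP 4369) answers a NAMES_REQ (a 2-byte length followed by the single byte `n`) with a 4-byte EPMD port followed by one `name <node> at port <port>` line per registered node, so any peer that can reach the port can enumerate node names and their distribution listener ports. The script below builds the request, parses the response, and can be pointed at a host; the `SAMPLE_RESP` bytes are constructed for offline use, and the hardening checks named in the comments (binding EPMD to loopback via `ERL_EPMD_ADDRESS`, pinning the dist port range, TLS distribution) are the settings a tester would verify afterwards.

```python
"""Enumerate nodes registered with an Erlang Port Mapper Daemon (EPMD).

Added example for a BEAM security testing guide. Protocol details follow the
erl_dist_protocol documentation: NAMES_REQ = <<Len:16, $n>>, NAMES_RESP =
<<EpmdPort:32, "name NODE at port PORT\n"...>>. The sample response bytes are
constructed here and are not from a real host.
"""
import socket
import struct
import sys
from typing import List, Tuple

EPMD_PORT = 4369
NAMES_REQ = 0x6E  # ASCII 'n'


def build_names_req() -> bytes:
    """NAMES_REQ: 2-byte big-endian length prefix, then the single byte 'n'."""
    body = bytes([NAMES_REQ])
    return struct.pack(">H", len(body)) + body


def parse_names_resp(data: bytes) -> Tuple[int, List[Tuple[str, int]]]:
    """Return (epmd_port, [(node_name, dist_port), ...]) from a NAMES_RESP."""
    if len(data) < 4:
        raise ValueError("NAMES_RESP shorter than the 4-byte port header")
    epmd_port = struct.unpack(">I", data[:4])[0]
    nodes: List[Tuple[str, int]] = []
    for line in data[4:].decode("ascii", errors="replace").splitlines():
        # Each entry is literally "name <node> at port <port>".
        parts = line.split()
        if len(parts) == 5 and parts[0] == "name" and parts[2:4] == ["at", "port"]:
            nodes.append((parts[1], int(parts[4])))
    return epmd_port, nodes


def query_epmd(host: str, port: int = EPMD_PORT, timeout: float = 3.0):
    """Send NAMES_REQ to a live EPMD; it replies and closes the connection."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_names_req())
        chunks = []
        while True:
            chunk = sock.recv(4096)
            if not chunk:
                break
            chunks.append(chunk)
    return parse_names_resp(b"".join(chunks))


# Constructed sample: EPMD on 4369 reporting two nodes (not captured from a real host).
SAMPLE_RESP = struct.pack(">I", 4369) + (
    b"name app at port 40231\n"
    b"name rabbit at port 25672\n"
)


def main(argv: List[str]) -> int:
    host = argv[1] if len(argv) > 1 else None
    epmd_port, nodes = query_epmd(host) if host else parse_names_resp(SAMPLE_RESP)
    print(f"EPMD port: {epmd_port}")
    for name, dist_port in nodes:
        print(f"node {name!r} listens for distribution on TCP {dist_port}")
    # Hardening to verify once nodes are visible from a non-local address:
    #  - EPMD bound to loopback only (ERL_EPMD_ADDRESS=127.0.0.1), or EPMD replaced
    #    via -epmd_module / -start_epmd false
    #  - distribution ports restricted with -kernel inet_dist_listen_min/max and
    #    filtered at the host firewall
    #  - distribution over TLS (-proto_dist inet_tls) so the cookie handshake and
    #    traffic are not in the clear
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with a host argument to query a real EPMD (e.g. from a network position that should not be able to reach it); without arguments it parses the constructed sample so the parsing logic can be checked offline.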

voltone commented 2 years ago

Interaction with the host OS executables/processes: ports, os:cmd, NIFs, erl_child_setup, erlsrv, heart, ...

voltone commented 2 years ago

Introspection: observer, crash dumps, remote console, to_erl

voltone commented 2 years ago

Code loading: interactive vs. embedded, load paths, executable config files in Elixir releases, code_server

varnerac commented 2 years ago

Where to find config files. What files need restricted read/write permissions.
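A verification test for the permission questions raised here, and for the executable Elixir release config mentioned in the code-loading suggestion above; this is an added example, not code from the issue, the working group, or Erlang/OTP. The only file-specific rule it encodes is the one Erlang's `auth` module enforces for `.erlang.cookie`: the file must not be readable or writable by group or others (mode bits `0o077` clear), or the node refuses to start. The same rule is a sensible baseline for `vm.args`, `sys.config` and `releases/<vsn>/runtime.exs`, whose locations below are assumptions to be adjusted per deployment; the `demo()` function builds constructed sample files in a temporary directory so the check can be exercised offline.

```python
"""Check that BEAM cookie and release config files are owner-only.

Added example for a BEAM security testing guide. The cookie rule (no group/other
permission bits) matches what Erlang's auth module enforces; applying it to
vm.args, sys.config and runtime.exs is the reviewer's choice. Candidate paths in
DEFAULT_CANDIDATES are assumptions and must be adapted to the target release.
"""
import os
import shutil
import stat
import tempfile
from pathlib import Path
from typing import Dict, List

# Assumed locations; real releases vary. ~/.erlang.cookie is Erlang's default
# cookie path for the user running the node.
DEFAULT_CANDIDATES = [
    "~/.erlang.cookie",
    "/opt/app/releases/COOKIE",          # Elixir mix release cookie file (assumed path)
    "/opt/app/releases/1.0.0/vm.args",   # assumed
    "/opt/app/releases/1.0.0/sys.config",
    "/opt/app/releases/1.0.0/runtime.exs",  # executed at boot, so write access matters
]

GROUP_OTHER_BITS = 0o077


def check_private_file(path: str) -> List[str]:
    """Return a list of findings for one file; an empty list means it passed."""
    p = Path(path).expanduser()
    findings: List[str] = []
    if not p.exists():
        return [f"{p}: not found"]
    st = p.lstat()
    if stat.S_ISLNK(st.st_mode):
        findings.append(f"{p}: is a symlink; verify its target separately")
        st = p.stat()
    mode = stat.S_IMODE(st.st_mode)
    if mode & GROUP_OTHER_BITS:
        findings.append(f"{p}: mode {mode:04o} grants group/other access")
    if mode & stat.S_IXUSR:
        findings.append(f"{p}: mode {mode:04o} is executable, which a config file need not be")
    if hasattr(os, "geteuid") and st.st_uid != os.geteuid():
        findings.append(f"{p}: owned by uid {st.st_uid}, not the current user")
    return findings


def check_all(paths: List[str]) -> Dict[str, List[str]]:
    """Map each path to its findings; only paths that exist are reported."""
    report: Dict[str, List[str]] = {}
    for path in paths:
        result = check_private_file(path)
        if result != [f"{Path(path).expanduser()}: not found"]:
            report[path] = result
    return report


def demo() -> Dict[str, List[str]]:
    """Constructed sample: one weak and one hardened file in a temp dir."""
    work = tempfile.mkdtemp(prefix="beam-perm-check-")
    try:
        weak = os.path.join(work, ".erlang.cookie")
        strong = os.path.join(work, "vm.args")
        for name in (weak, strong):
            with open(name, "w") as fh:
                fh.write("example\n")
        os.chmod(weak, 0o644)    # world-readable cookie: must be flagged
        os.chmod(strong, 0o600)  # owner-only: must pass
        return {"weak": check_private_file(weak), "strong": check_private_file(strong)}
    finally:
        shutil.rmtree(work, ignore_errors=True)


if __name__ == "__main__":
    for path, findings in check_all(DEFAULT_CANDIDATES).items():
        status = "OK" if not findings else "; ".join(findings)
        print(f"{path}: {status}")
```

On a real host, run it as the account the release runs under; a cookie that fails the group/other check is also the file an attacker needs in order to connect over distribution, so a finding here pairs directly with the EPMD exposure question.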

vkatsuba commented 2 years ago

Erlang/OTP profiling: fprof, eprof, cprof, dbg, lcnt, perf.

vkatsuba commented 2 years ago

Load testing - Tsung.