Unlock the Power of OpenID Connect on the BEAM

In an increasingly interconnected digital world, ensuring robust security and seamless user experiences is paramount. OpenID Connect, a proven authentication framework, stands at the forefront of this challenge. This conference talk delves deep into the realm of OpenID Connect, shedding light on its myriad benefits and showcasing practical techniques to effortlessly integrate it into your Erlang and Elixir web applications and APIs.

Discover the foundational concepts that make OpenID Connect a compelling choice for identity authentication. Explore how it simplifies the process of verifying user identities while enhancing security. We'll explore the benefits of Single Sign-On (SSO), identity federation, and secure user data exchange, all facilitated by OpenID Connect.

Blogpost: https://dev.to/maennchen/openid-connect-an-introduction-4p4b
Talk Recording: https://www.youtube.com/watch?v=4mTrqRSttyo
GitHub: https://github.com/erlef/oidcc

From Freakout to Fix: Navigating a Security Disaster

Picture this: you’re chugging coffee late at night when you realize your beloved library has a massive security hole. Worse yet, someone’s already posted a proof-of-concept exploit for the world to see. Suddenly, thousands of projects are at risk, and you’re the one holding the bag. That’s exactly the scenario this talk tackles: the rush of panic, the scramble to inform everyone, and ultimately the hero’s journey to patch things up.

We’ll step through how to file vulnerabilities through official channels (like the CVE system) and bring clarity to the confusion of those first chaotic hours. You’ll see how simple tools, vulnerability scanners, and a clear emergency plan can make the difference between an all-nighter of sweaty debugging and a smoother return to stability. Along the way, we’ll talk best practices for preventing these disasters in the first place—from well-defined security policies to having the right people on speed dial.

And here’s the kicker: vulnerability disclosure isn’t something to hide under the rug. Handled well, it’s proof that you take security seriously, and that alone can earn respect. By the end of this session, you’ll have the knowledge (and the confidence) to handle your very own “Oh no!” moment with a lot less panic and a lot more rock ‘n’ roll.

Target Audience
* Maintainers of libraries and anyone running a production project.
* People curious about the basics of handling real-world security incidents.

Base Level of Knowledge
* No deep security expertise required; this talk will serve as an introductory crash course on vulnerability disclosure processes, common tooling, and best practices to keep your code (and your sanity) intact.

COVID-19 contact tracing on the BEAM

COVID-19 contact tracing on the BEAMTracing a pandemic's spread throughout society presents its unique challenges. This talk will cover the history of «Hygeia», an application on the BEAM, built from scratch for the sole purpose of empowering health workers in managing the pandemic and its impact on the lives of the affected.

We will cover the story of how technologies such as Phoenix, LiveView, ecto, gen_smtp, Surface, and Docker/Kubernetes empowered us to develop a viable application in a highly dynamic field and how we discovered and overcame many pitfalls along the way.

Talk Recording: https://www.youtube.com/watch?v=7ypfyCOfwLo
GitHub: https://github.com/jshmrtn/hygeia

Code BEAM V EU 2021