Here you can find documents and other resources produced by the Security WG of the Erlang Ecosystem Foundation.

We welcome feedback and suggestions, especially to public drafts: please open an issue or PR through our GitHub repo. You can reach out to members of the working group through the #eef-security-wg channel at the Erlanger Slack workspace, or via email at security (at) erlef (dot) org.

Documents

• Secure Coding and Deployment Hardening Guidelines (draft)
• Web Application Security Best Practices for BEAM languages (draft)

Specifications

• ‘hex’ Package URL type
  • Part of Hex specifications
• ‘otp’ Package URL type (draft)