The (not so) Magic Tricks of Testing in Elixir (2/2) Handling Webhooks in Phoenix

Fortifying APIs: timing attacks

Securing your application’s main channel of communication against all kinds of attacks is never in vain.

One of the most important features of an API, besides usability, is resilience. A big aspect of a more resilient API is a restricted amount of information communicated. This is important to keep in mind, since every bit of information you give away, aids in an attack against your API.

So let’s have a look at how we can fortify our APIs against one kind attack: timing attacks.

https://sealas.at/blog/2018-02/fortifying-apis-timing-attacks/