logo Boston Ruby Group


Past presentations ~ RSS

March 12, 2013

Rails Application Security in Practice

by Bryan Helmkamp

Out of the box, Rails does its best to help you secure your app. Unfortunately, without consistent application of secure development principles, practices and tools, it's just a matter of time before vulnerabilities creep in. Despite Rails' secure defaults, most Rails applications have vulnerabilities, many of which are easy to detect and fix. As a community, increased awareness and understand of web application security puts us in the best position to avoid breaches (like the GitHub SSH key fiasco), and keep our businesses safe. The best time to start locking down your app is now, not after your first close call (or worse). We'll walk through exactly what you need to reduce the risk of a security breach to your business, beyond the Rails defaults.

blog comments powered by Disqus