Slides and Notes for the "Securing your Rails App" presentation

README.md

TITLE: Securing Your Rails App

PRESENTERS: Jim Weirich and Matt Yoho

SHORT DESCRIPTION:

Given the many features of Rails that promote good security, one gets the impression that your typical Rails web site is relatively secure. That impression is completely misleading. Without paying deliberate attention to security details, it is almost certain that your application has security flaws. This talk will cover the ins and outs of web security and help you build a secure site.

ABSTRACT:

"Then it starts to scan the computer and transmit bits of information every time he clicks the mouse while he's surfing. After a while, [...] we've accumulated a complete mirror image of the content of his hard drive [...]. And then it's time for the hostile takeover."

-- Lisbeth Salander in Stieg Larsson's "The Girl with the Dragon Tattoo"

Hacker dramas like the Stieg Larsson book make for good fiction, but we know that real life rarely matches drama. And with all the security features that Rails 3 has added, surely it is difficult to hack a typical Rails web site.

Right?

Wrong! Without deliberate attention to the details of security, it is almost certain that your site has flaws that a knowledgeable hacker can exploit. This talk will cover the ins and outs of web security and help you build a site that is protected from the real Lisbeth Salanders of the world.
