Skip to content
This repository has been archived by the owner on Jul 22, 2018. It is now read-only.

Securing the Rails

Zach Morek edited this page Apr 24, 2012 · 2 revisions

Presenter: Aaron Bedra

Abstract

Building safe web applications isn’t always easy. The good news is that Rails provides a lot of features that will help you along the way. Aaron will walk you through the common mistakes made by web developers, and how to account for them while working with Rails. He will also walk you through some tools you can use to make securing your applications much much easier.

Notes

@ZachMorek

  • XSS - Rails3 automatically escapes output
  • CSRF - tokens are built in
  • SQL Injection

Tools

Books

  • OWASP WebGoat project
  • Web Application Hacker's Handbook
  • Pracical Software Security

External Links

A crowd-sourced conference wiki!
Working together is better. :)




Clone this wiki locally