
Security – What Rails Will And Won’t Do For You

22 December 2009

There are a number of areas where Rails can help web application developers ensure that their applications are appropriately secured (e.g., CSRF protection and encoding of output), but there are others which can never really be addressed by frameworks alone. Additionally, it’s very easy when developing an application to make assumptions about what is and isn’t possible for users to do, which is something hackers tend to take advantage of. My intention would be to present this in line with the OWASP Top 10 vulnerabilities, which is one of the most commonly used classifications of web application flaws.

http://scotland-on-rails.s3.amazonaws.com/2B07_RoryMcCune-SOR.mp4
