Security - What Rails will and won't do for you

About the Talk

March 28, 2009 6:45 AM

Edinburgh, Scotland

There are a number of areas where Rails can help web application developers ensure that their applications are appropriately secured (e.g., CSRF protection and encoding of output), but there are others which can never really be addressed by frameworks alone. Additionally, it's very easy when developing an application to make assumptions about what is and isn't possible for users to do, which is something hackers tend to take advantage of. My intention would be to present this in line with the OWASP Top 10 vulnerabilities (http://www.owasp.org/index.php/Top_10_2007), which is one of the most commonly used classifications of web application flaws.
