While working to secure Rails applications in a truly Agile development environment, Ken Johnson (@cktricky), CTO of nVisium Security, and Mike McCabe (@mccabe615) realized that the Rails community needed attention to security in the form of free and open training. The events of this past year have only reinforced that belief. RailsGoat, an OWASP project, is an attempt to bring attention to the problems that most frequently occur in Rails, solutions for remediation, and common attack scenarios. Ken, Mike, and their contributors built a vulnerable Rails application that aligns with the OWASP Top 10 and can be used as a training tool for Rails-based development shops.
Brakeman - http://brakemanscanner.org/
RailsGoat - http://railsgoat.cktricky.com/
OWASP - https://www.owasp.org/
OWASP NoVA - http://www.meetup.com/OWASP-Northern-Virginia-Chapter/
Rails Security Guide - http://guides.rubyonrails.org/security.html
RoR Security Google Group - https://groups.google.com/forum/#!forum/rubyonrails-security
DevOops Video - https://www.youtube.com/watch?v=1kPw3tHt2oo
DevOops Slides - http://www.slideshare.net/chrisgates/lascon-2014-devooops
Ensnare Gem - https://github.com/ahoernecke/ensnare
📆 2015-01-15 14:15 / ⌛ 00:55:24