Pick of the Day

A Content Security Policy (CSP) strategy

CSP is a great way to reduce or completely remove the number 1 web app security vulnerability – Cross-Site Scripting (XSS).

Newest Resources

A Content Security Policy (CSP) strategy

CSP is a great way to reduce or completely remove the number 1 web app security vulnerability – Cross-Site Scripting (XSS).

Cross-Site Request Forgery and Rails

CSRF explained and all related questions answered

Secure configuration of Rails applications

Store secrets in the environment variables, secure and manage them

Command injection in Rails

Injecting command line parameters or entire Unix commands

HTML-safe, ActiveSupport::SafeBuffer explained

How does Rails’ XSS protection work exactly
