I’m back from the Rails Conference Europe in Berlin. I realize that a 45-minute talk is hardly enough to tell everything which is important to say about Rails security. Moreover, you will never get the level right in a talk about security (or generally): There are Rails newbies, everyday programmers and even security experts.
Anyway, I was referring to this web site quite often as I wanted to provide further reading about more advanced security problems in Rails and their countermeasures. Therefore, I created a Rails security cheatsheet with all the information in one place.
Go to the Ruby on Rails Security cheatsheet.