A guide to a week with a Rails security strategy
This includes a 5-page guide on how to form the habits, and a plan to follow for each day.
Brakeman: Static code vulnerability scanner for Rails
Analyzes the source code and reports known security vulnerabilities
HttpOnly cookies in Rails
Why and how, for session and normal cookies
New Rails security HTTP headers
Some are sent by default in Rails now
Rack::Attack: Rate limits against DDoS and abusive users
Track and throttle requests
RubyGems security
Keep your gems and RubyGems sources safe
Secure configuration of Rails applications
Store secrets in environment variables, and secure and manage them