A couple of weeks ago I presented on Rails security at a local Ruby on Rails meetup. I finally got around to posting the slides online.
The presentation covers topics including authentication, hashing, salting, key stretching, whitelisting, session hijacking, replay attacks, session fixation, cross-site request forgery, cross-site scripting, SQL injections, other injections, and some other Rails-related security issues. Let me know if you have questions and please give me some feedback. I didn’t get too creative with the presentation because there was a lot of content to cover.
Defending Against Attacks With Rails
View more presentations from Tony Amoyal.

One Trackback
[...] nice with your jQuery POST requests. By the way, if you don’t know what CSRF is, check out my Ruby on Rails security presentation. You need to send an Authenticity Token with each POST request and jQuery does not do that for you [...]