32 min listen
219 RR Brakeman and Rails Security with Justin Collins
From Ruby Rogues
Length:
59 minutes
Released:
Aug 5, 2015
Format:
Podcast episode
Description
02:40 - Justin Collins Introduction
Twitter
GitHub
Blog
Brakeman
@brakeman
SurveyMonkey
Brakeman Pro
@brakemanpro
03:40 - Brakeman & Static Analysis
04:02 - Common Security Vulnerabilities (and Definitions)
Cross-site Scripting
SQL Injection
rails-sqli.org
Mass Assignment
Open Redirects
08:57 - The Inspiration for Brakeman
09:47 - Getting Brakeman Working (Process)
10:41 - Learning About Security
The Rails Cheat Sheets
The Open Web Application Security Project (OWASP)
The OWASP Top Ten
13:01 - Security and The Rails Core Team
Justin Collins: The World of Ruby on Rails Security @ RailsConf 2015
15:19 - Should Brakeman be integrated into Rails?
16:29 - Running Brakeman On Your CI Machine
guard-brakeman
17:43 - Are there specific types of vulnerabilities that are hard to find with static analysis?
19:18 - Rails Engines
20:56 - When building an app, is security something you should focus on from the get-go?
Where should you get started?
The OWASP Top Ten
25:32 - Code Schools Teaching Security
26:17 - Translating Lessons Learned Into Brakeman
27:24 - Handling Security and Data Breaches
Charlie Miller
32:28 - Crowdsourcing Security (Security in Open Source)
Terri Oda: Bringing Security to Your Open Source Project
34:54 - The Technical Side of Brakeman and Static Analysis Tools
Identifying a Dangerous Value
37:34 - Data Tracing, Limited Data Flow Analysis
40:52 - Future Brakeman Features
43:29 - Supporting and Contributing to Brakeman
48:23 - PhDs
Picks
"Why didn't you [just]..." and "Did you consider..." Parley Thread (Avdi)
Object Thinking (Developer Reference) by David West (Avdi)
Web Design - The First 100 Years (Avdi)
Brighton Ruby Conference (Avdi)
Email (Avdi)
The Twitter Mute Button (Avdi)
git - the simple guide (Saron)
I Love My Campus (Saron)
LoneStarRuby (Saron)
React Rally (Jessica)
Livecoding.tv (Jessica)
Remembering the Apollo 11 Moon Landing With the Woman Who Made It Happen (Coraline)
Showgoers (Coraline)
AngularJS Kurs (Chuck)
Hire Thom Parkin! (Chuck)
RethinkDB (Justin)
Dealers of Lightning: Xerox PARC and the Dawn of the Computer Age by Michael A. Hiltzik (Justin)
The Search for General Tso (Justin)
Special Guest: Justin Collins.