Software Development Videos and Tutorials: Java, .NET, Ruby, Python, JavaScript, Agile, Software Testing
 
Security:  What Rails Will And Won’t Do For You

Security: What Rails Will And Won’t Do For You

There are a number of areas where rails can help web application developers ensure that their applications are appropriately secured (eg, CSRF protection and encoding of output) but there are others which can never really be addressed by frameworks alone. Additionally it’s very easy when developing an application to make assumptions about what is and isn’t possible for users to do, which is something hackers tend to take advantage of. My intention would be to present this in line with the OWASP top-10 vulnerabilities which is one of the most commonly used classifications of web application flaws.

http://scotland-on-rails.s3.amazonaws.com/2B07_RoryMcCune-SOR.mp4