Los Angeles/2011 Meetings/May 25 - Revision history

Sarah Baso at 04:13, 14 July 2011

2011-07-14T04:13:49Z

Sarah Baso at 15:06, 31 May 2011

2011-05-31T15:06:16Z

Sarah Baso: Created page with "=== Topic: Automated Detection of Security Flaws in Ruby on Rails Code === Ruby on Rails is a popular web framework which is rapidly being adopted by companies. While Ruby is a ..."

2011-05-31T03:28:56Z

Created page with "=== Topic: Automated Detection of Security Flaws in Ruby on Rails Code === Ruby on Rails is a popular web framework which is rapidly being adopted by companies. While Ruby is a ..."

New page

=== Topic: Automated Detection of Security Flaws in Ruby on Rails Code ===

Ruby on Rails is a popular web framework which is rapidly being adopted by companies. While Ruby is a very dynamic language, Rails’ adherence to the concept of “convention over configuration” has made it possible to create a capable, open source static analysis tool called “Brakeman” for finding security vulnerabilities at the source code level. Hudson – recently renamed Jenkins – is a continuous integration system which can be configured to run and monitor a wide variety of jobs. This talk will focus on the advantages of using static analysis for discovering security issues, and demonstrate how easy it is automatically monitor vulnerabilities in Ruby on Rails applications during all stages of development using Brakeman and Jenkins.

'''[[Media:Justin_Collins-OWASPLA-Brakeman.pdf| Justin's Brakeman Presentation]]'''

=== Speaker: Justin Collins ===

Justin is a Security Engineer at AT&T Interactive and a PhD candidate in computer Science at UCLA. He wrote and published Brakeman, security code analyzer for Ruby on Rails code, which is available on GitHub.

← Older revision		Revision as of 04:13, 14 July 2011
Line 12:		Line 12:

	Ruby on Rails is a popular web framework which is rapidly being adopted by companies. While Ruby is a very dynamic language, Rails’ adherence to the concept of “convention over configuration” has made it possible to create a capable, open source static analysis tool called “Brakeman” for finding security vulnerabilities at the source code level. Hudson – recently renamed Jenkins – is a continuous integration system which can be configured to run and monitor a wide variety of jobs. This talk will focus on the advantages of using static analysis for discovering security issues, and demonstrate how easy it is automatically monitor vulnerabilities in Ruby on Rails applications during all stages of development using Brakeman and Jenkins.		Ruby on Rails is a popular web framework which is rapidly being adopted by companies. While Ruby is a very dynamic language, Rails’ adherence to the concept of “convention over configuration” has made it possible to create a capable, open source static analysis tool called “Brakeman” for finding security vulnerabilities at the source code level. Hudson – recently renamed Jenkins – is a continuous integration system which can be configured to run and monitor a wide variety of jobs. This talk will focus on the advantages of using static analysis for discovering security issues, and demonstrate how easy it is automatically monitor vulnerabilities in Ruby on Rails applications during all stages of development using Brakeman and Jenkins.
		+
		+
		+	==Sponsor: En Pointe Technologies ==
		+
		+	[http://www.enpointe.com/ En Pointe Technologies]

@@ Line 1: / Line 1: @@
-=== Topic: Automated Detection of Security Flaws in Ruby on Rails Code ===
+== Topic: Automated Detection of Security Flaws in Ruby on Rails Code ==
 '''[[Media:Justin_Collins-OWASPLA-Brakeman.pdf| Justin's Brakeman Presentation]]'''
-=== Speaker: Justin Collins ===
+== Speaker: Justin Collins ==
 Justin is a Security Engineer at AT&T Interactive and a PhD candidate in computer Science at UCLA. He wrote and published Brakeman, security code analyzer for Ruby on Rails code, which is available on GitHub.