This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Los Angeles"
Sarah Baso (talk | contribs) |
|||
| Line 17: | Line 17: | ||
==== Topic: Automated Detection of Security Flaws in Ruby on Rails Code ==== | ==== Topic: Automated Detection of Security Flaws in Ruby on Rails Code ==== | ||
| − | + | Ruby on Rails is a popular web framework which is rapidly being adopted by companies. While Ruby is a very dynamic language, Rails’ adherence to the concept of “convention over configuration” has made it possible to create a capable, open source static analysis tool called “Brakeman” for finding security vulnerabilities at the source code level. Hudson – recently renamed Jenkins – is a continuous integration system which can be configured to run and monitor a wide variety of jobs. This talk will focus on the advantages of using static analysis for discovering security issues, and demonstrate how easy it is automatically monitor vulnerabilities in Ruby on Rails applications during all stages of development using Brakeman and Jenkins. | |
==== Speaker: Justin Collins ==== | ==== Speaker: Justin Collins ==== | ||
Revision as of 19:19, 23 May 2011
Local News
Sign up for OWASP Los Angeles mailing list, very low volume and spam free.
https://lists.owasp.org/mailman/listinfo/owasp-losangeles
<paypal>Los Angeles</paypal>
Next Chapter Meeting: Wednesday, May 25, 2011 7:00 P.M. - 8:30 P.M.
Symantec
900 Corporate Pointe
Culver City, CA 90232
Please RSVP: http://owasp-may2011.eventbrite.com/
Topic: Automated Detection of Security Flaws in Ruby on Rails Code
Ruby on Rails is a popular web framework which is rapidly being adopted by companies. While Ruby is a very dynamic language, Rails’ adherence to the concept of “convention over configuration” has made it possible to create a capable, open source static analysis tool called “Brakeman” for finding security vulnerabilities at the source code level. Hudson – recently renamed Jenkins – is a continuous integration system which can be configured to run and monitor a wide variety of jobs. This talk will focus on the advantages of using static analysis for discovering security issues, and demonstrate how easy it is automatically monitor vulnerabilities in Ruby on Rails applications during all stages of development using Brakeman and Jenkins.
Speaker: Justin Collins
Justin is a Security Engineer at AT&T Interactive and a PhD candidate in computer Science at UCLA. He wrote and published Brakeman, security code analyzer for Ruby on Rails code, which is available on GitHub.
Would you like to speak at an OWASP Los Angeles Meeting?
Call for Papers (CFP) is NOW OPEN. To speak at upcoming OWASP Los Angeles meetings please submit your BIO and talk abstract via email to Tin Zaw. When we accept your talk, it will be required to use the Powerpoint OWASP Template.
Archives of Previous Meetings
A list of previous presentations conducted at the Los Angeles Chapter can be found here.
Los Angeles Chapter
- Tin Zaw -- Chapter Leader and Chair
- Cassio Goldschmidt -- Board Member
- Richard Greenberg -- Board Member
- Sarah Baso -- Chapter Administrator
The AppSec USA 2010 conference received rave reviews. Thanks to all the volunteers and great speakers who helped make it a success!
Check out the videos: http://vimeo.com/user4863863/videos
