OWASP, Ruby on Rails, security
TL;DR This post is about risk sensitive data exposure in your Ruby on Rails application. It will cover unauthorized access and cross site request forgery check (CSRF). Unauthorized access risk…
OWASP, Ruby on Rails, security
TL;DR Mass assignment is security risk where user can create/update data attributes that is not allowed to update. Here is an example. Imagine application that registers your employees working hours….
OWASP, Ruby on Rails, security
TL;DR This is next post in series about Ruby on Rails security. In previous post I explained how to harden other servers. This time I will explain daily security check…
OWASP, Ruby on Rails, security
TL;DR In previous post I explained security hardening for linux server. This post will describe hardening based on server purpose. Modern web application typically consists from following components: web server…
OWASP, Ruby on Rails, security, security testing
TL;DR Next series of blog posts is about Ruby on Rails bottom up security. I will cover all aspects of web application written in Ruby on Rails framework. Described security…
learn testing, OWASP, security, security testing, testing tool, Uncategorized
TL;DR In this post I will provide an example how to set the scope of system regression test in order to achieve coverage of features that need to be tested….
