RailsConf 2018: The Evolution of Rails Security by Justin Collins

Video Link: https://www.youtube.com/watch?v=Btrmc1wO3pc



Duration: 37:08

Rails has a reputation for being secure by default, but how deserved is that reputation? Let's take a look back at some of the low points in Rails security history: from the first Rails CVE, to the controversial GitHub mass assignment, the 2013 Rails apocalypse, and more recent remote code execution issues. Then we'll cheer ourselves up with the many cool security features Rails has added over the years! We'll cover auto-escaping, strong parameters, default security headers, secret storage, and less well-known features like per-form CSRF tokens and upcoming Content Security Policy support.




Other Videos By Confreaks


2018-05-17 RailsConf 2018: Taking the Pain Out of Support Engineering by Cecy Correa
2018-05-17 RailsConf 2018: Reporting Live from the Ramp of Death by Thijs Cadier
2018-05-17 RailsConf 2018: What's in a price? How to price your products and services by Michael Herold
2018-05-17 RailsConf 2018: Running a Business, Demystified by Todd Kaufman & Justin Searls
2018-05-17 RailsConf 2018: Keynote: The Future of Rails 6: Scalable by Default by Eileen Uchitelle
2018-05-17 RailsConf 2018: Human Powered Rails: Automated Crowdsourcing In Your RoR App by Andy Glass
2018-05-17 RailsConf 2018: Ales on Rails: Making a Smarter Brewery with Ruby by Ben Shippee
2018-05-17 RailsConf 2018: Draw a Crowd by Brittany Martin
2018-05-17 RailsConf 2018: Harry the Hedgehog Learns You A Communication by Laura Mosher
2018-05-17 RailsConf 2018: The Code-Free Developer Interview by Pete Holiday
2018-05-17 RailsConf 2018: The Evolution of Rails Security by Justin Collins
2018-05-17 RailsConf 2018: Ten Years of Rails Tutorials by Michael Hartl
2018-05-17 RailsConf 2018: Building a Collaborative Text Editor by Justin Weiss
2018-05-17 RailsConf 2018: Warden: the building block behind Devise by Leonardo Tegon
2018-05-17 RailsConf 2018: Broken APIs Break Trust: Tips for Creating and Updating APIs by Alex Wood
2018-05-17 RailsConf 2018: Some Funny Things Happened on The Way to A Service Ecosystem by Chris Hoffman
2018-05-17 RailsConf 2018: So You’ve Got Yourself a Kafka: Event-Powered Rails Services by Stella Cotton
2018-05-17 RailsConf 2018: The Practical Guide to Building an Apprenticeship by Max Tiu
2018-05-17 RailsConf 2018: Keeping Moms Around for the Long Term by Tess Griffin
2018-05-17 RailsConf 2018: Mechanically Confident by Adam Cuppy
2018-05-17 RailsConf 2018: Pairing: a guide to fruitful collaboration 🍓🍑🍐 by André Arko