RubyConf 2021 - Squashing Security Bugs with Rubocop by Omar

Channel: Confreaks
Video Link: https://www.youtube.com/watch?v=75TtHyn5uLQ



Duration: 26:46


You spot a subtle security bug during a code review and flag it, making sure it's fixed before it gets deployed. Taking this one step further, you want to make sure others don't make the same mistake. Short of reviewing every piece of code, what can you do?

That's where Rubocop comes in. You can save time in code reviews by using it to enforce coding patterns and styles. As a security-minded engineer you might ask: could we use it to find security bugs? Turns out you can!

This talk will cover how Betterment uses Rubocop to detect vulnerabilities and the thought process that went into this work.

Filmed by Colorado Union Videographers



