11 Jan '13, 3am

Here is our talk from @OWASPChicago cc: @claudijd Thanks again!

In this talk, Jon Claudius and I talk about common security issues with Rails apps and encourage our security audience to find ways to meet with and work with the Ruby/Rails community.

Full article: https://speakerdeck.com/mkonda/owasp-chicago-ruby-on-rail...

Tweets

ModSecurity Mitigations for Ruby on Rails XML Exploits

blog.spiderlabs.com 10 Jan '13, 6pm

There is big trouble in Ruby on Rails (RoR) land... The issue is related to XML parsing of YAML document elements or Symbo...

Ruby on Rails Vulnerabilities Discovered, Users Urged to Update Immediately

thewhir.com 10 Jan '13, 4pm

A vulnerability discovered on the Ruby on Rails web application framework allows attackers to bypass authentication system...

Ruby on Rails Bootcamp in Seattle

codefellows.org 10 Jan '13, 2pm

Immersive education is the best way to learn how to code. You'll be living and breathing Ruby on Rails every day of the we...

Update Ruby now before it goes off the Rails

pcworld.com 10 Jan '13, 10pm

Do you use Ruby on Rails? If so, it’s time to update. Now. Ruby on Rails is an open source Web application framework built...

Read @adamjodonnell's insights on the latest Ru...

blog.sourcefire.com 09 Jan '13, 8pm

A little under 24 hours ago two major, long-standing vulnerabilities were announced in the popular web programming framewo...

Multiple vulnerabilities in "Ruby on Rails", countermeasures urged (JVN) | ScanNetSe...

scan.netsecurity.ne.jp 09 Jan '13, 9am

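On January 9, the Information-technology Promotion Agency (IPA), an incorporated administrative agency, and the JPCERT Coordination Center (JPCERT/CC), a general incorporated association, noting that multiple vulnerabilities exist in "Ruby on Rails", "Japan Vulnerability Notes (...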

SQL Injection Flaw in Ruby on Rails, (Wed, Jan ...

isc.sans.edu 09 Jan '13, 2am

A SQL Injection Flaw (CVE-2012-5664) was announced last week (Jan 2) in Ruby on Rails, but I think we missed reporting on ...

New flaw in Ruby on Rails:

infosecurity-magazine.com 09 Jan '13, 1pm

Earlier today the Internet Storm Center (ISC) reported, “A SQL Injection Flaw (CVE-2012-5664) was announced last week (Ja...

Multiple vulnerabilities in Ruby on Rails

jvn.jp 09 Jan '13, 3am

US-CERT Vulnerability Note VU#380039 Ruby on Rails contains multiple vulnerabilities in parameter parsing in the Action Pa...

Five Reasons Why We Use Ruby on Rails

infront.com 05 Jan '13, 6pm

When we have initial discussions with potential website clients, one thing we always talk about is our Content Management ...

Rails, Ruby, And Type-Checking

gilesbowkett.blogspot.com 02 Jan '13, 10am

I guess I was pontificating a little, but I want to go into more detail. Rails does something brilliant with its associati...

#OWASP [Rails] Re: CSRF tokens for mobile apps ...

netrubyonrails.blogspot.com 29 Dec '12, 3pm

Hey Jim, don't be a jerk, especially when your answer is wrong. Using <%= form_authenticity_token %> doesn't work because ...

Rails 4: What's New

rubyflow.com 03 Jan '13, 9pm

Rails 4: What's New Posted by jangosteve on January 03, 2013 — 0 comments Basically transcribed the highlights from Andy L...

Ruby on Rails Designer - Sass & Rails - oDesk: ...

odesk.com 05 Jan '13, 3am

Rails and Sass programmer to change an existing ecommerce website to 1) create a new front page that will allow project po...