Explore a conference talk on integrating Brakeman, a static analysis tool for Ruby on Rails, with Jenkins for automated security testing. Learn how this powerful duo detects defects in Ruby on Rails code, enhancing application security. Discover the structure of Ruby on Rails applications and see practical examples of Brakeman and Jenkins warnings. Gain insights into various security concerns, including issues in application controllers, user controls, views, and models. Understand the importance of proper attribute assignment and admin settings. Dive into the process of creating a Rails application, setting up test units, managing code repositories, and implementing automated checks. Explore how to handle variables, manage inventory without inline code, and optimize your development workflow for improved security and efficiency.
Brakeman & Jenkins - The Duo Detects Defects in Ruby on Rails Code
Overview
Syllabus
Intro
Brakeman
Static Analysis Tool
Ruby on Rails Structure
Example
Brakeman Warning
Jenkins Warning
Application Controller
User Control
View
Filter Warning
Rails Model
AS Assignment
AS Admin
Hudson
GreatMan
GreatMan Plugin
Traits
Resources
Create Rails application
Test Unit
Repository
Code Updates
Checks
Warnings
Variables
Inventory without inline
Alphabeat
Taught by
LASCON
