Category: Ruby/Rails

How RuboCop Can Secure Your Ruby and Rails Applications

In the last two posts, we covered setting up bundler-audit to identify vulnerable dependencies and Brakeman for static code analysis. In this post, we will focus on using RuboCop as a static code analyzer for security checks. While RuboCop is known as a linter and formatter, it also comes with some security rules and can be extended with […]

Using Brakeman to secure your Rails app

In the last article, we talked about using bundler-audit to detect vulnerable dependencies and explored how to best resolve the issues. In this article, we will look into our first Static Application Security Testing (SAST) tool. Tools that perform static analysis scan your source code and look for certain patterns. They will not execute your […]

Keeping vulnerable dependencies out of your Rails App

Not a single day passes without news coverage of yet another security incident. That makes it clear that writing secure code is an essential skill for software engineers these days. This is the first post in a 3-part series that explores using open-source tools to level up the security of your Ruby and Ruby on […]

Ruby and Ruby on Rails support for GuardRails released

We are excited to announce our latest language support. With Python and JavaScript already part of the GuardRails family, we are now adding Ruby to fully cover the modern development stack. This allows you to have your Ruby and Rails application secured while you are working on new features. We will also detect and report […]
