Do you find it hard keeping up with Rails security?
You’re a busy developer, and you don’t have endless time for researching security. Making sense of the important security vulnerabilities can waste days or even weeks.
There are a lot of details out there, but not many solutions. Plenty of guides give you some bits and pieces of what to do, but leave out the most important thing — how to develop a whole security strategy.
What if you could move away from the firefighting and fiddling and create your own security strategy?
- respects your time.
- shows you how to maintain your security even when you and your team are busy.
- will help you manage the big picture by making informed decisions.
It will cover the following topics:
- Manual work is boring, automation is king, but in security both are needed to fix vulnerabilities.
- SSL/TLS security needs to be maintained too, and while you’re at it, make sure it’s always used.
- Emergencies happen, when they do you won’t have time to create a strategy for it anymore.
- Some people will test your security, make sure they’ll tell you about it first.
- Processes sound boring, but they will keep your software up to date.
- You don’t necessarily need a security expert. Your team can do their own code reviews and audits. Start small to increase quality and security.
- How to keep your codebase, your code repository organization and deployments secure.
- Cross-Site Scripting (XSS) can happen easily, so develop a Content Security Policy for your safety net.
- Your Rails 4 app prevents Content Sniffing and clickjacking, so you should know what it is.
- The security of APIs is very different, so learn how to get it right.
- Plus: Your work environment, habits and productivity.
If you are:
- an experienced Rails developer, but you find it hard to keep up
- a lead developer and your team generally keeps the app secure enough, but sometimes you feel there should be a system for how to keep up with security
- a new Rails developer and need some guidance where to start
this guide is for you.
If you're not convinced that this will help you, read this introduction: A week with a Rails Security Strategy.
If you’re not completely satisfied, I have a 30 day money-back guarantee.