Overview: This presentation examines a modern Rails application, reviewing application security best practices, the specific Rails controls for the application, best practices in deploying, and how to integrate application controls, local host and network firewall controls into a self-monitoring, alerting and automated security system.
All techniques and tools reviewed are open source, freely available, and strongly encouraged for use. A short list of the technologies that will be reviewed includes: Rails, nginx, NAXSI, rack-attack, Brakeman, syslog, fail2ban, OSSEC and more.
Why Should You Attend: Do you have applications on the internet? Have you secured the application in addition to the server and network it runs on? Do all components talk together to provide security for the application and your data? This presentation will examine a Ruby on Rails application with integrated security controls and show how to integrate them into a holistic operational security system that protects against and responds to threats to the system.
Areas Covered in the Session:
Application security best practices
Server / network security best practices
Integrating server / network and application security into a holistic security system
Who Will Benefit:
Minimal IT/Security management