Presentations by Daniel Lobato García:
Rails Israel 2015 Conference, Tuesday, November 24, 2015, 10:55
Security is an afterthought for your app? You have a problem, but after you review your application and apply all of the tips I'll talk about, attackers will have it much harder than before.
We'll go over whitelisting vs blacklisting, how just visiting a site can be a problem (CSRF), how to deal with file uploads, security tokens and headers in your app, cookie replays, and more countermeasures to popular attacks.
CSRF, XSS, CVE sound like Star Wars' ships to you? Come to this talk and leave with a lot of ideas to start securing your Rails app.