Railsgoat - Rails Attack and Defense

Explore a 32-minute conference talk from LASCON's Developer Track that delves into RailsGoat, an OWASP project designed to address security vulnerabilities in Rails applications. Learn about common security issues aligned with the OWASP Top 10, discover solutions for remediation, and understand attack scenarios specific to Rails. Gain insights into the motivation behind creating this free and open training tool for the Rails and Ruby ecosystem. Follow along as the speakers discuss mass assignment vulnerabilities, provide a tutorial on getting started with RailsGoat, and outline the project's roadmap. Understand the importance of security in Agile development environments and how RailsGoat can benefit Rails-based development teams. Get information on supported Rails versions, early adopter models, and future plans for the project, including potential expansion to Sinatra.

Intro
Companies using Rails
Demographics
Tutorial credentials
Teaser video
Mass Assignment
Railsgoat
Getting started
Roadmap
Rails versions
Questions
Future plans
Early adopter model
Sinatra