Brakeman

    1. Brakeman: scan the security of your Rails app. Romain Sempé, @rsempe, https://github.com/rsempe
    2. Web vulnerabilities. Results of a recent survey on web apps: 68% cross-site scripting issues, 32% SQL injection. It gets harder to test security manually as apps grow larger!
    3. E.g. SQL injection:
           User.first("login = '#{params[:name]}' AND password = '#{params[:password]}'")
       Input: ' OR '1' = '1
       Resulting SQL query:
           SELECT * FROM users WHERE login = '' OR '1' = '1' AND password = '' OR '1' = '1' LIMIT 1;
    4. E.g. cross-site scripting (XSS):
           <%= "Hello #{params[:name]}" %>
       Input: <script>alert(attacked)</script>
    5. Rails secure strategy (slides 5 to 11 reveal this list one item at a time):
       - XSS protection: sanitize by default, otherwise html_safe.
       - Mass assignment strategy update (not whitelisted by default).
       - CSRF protection by default with authenticity_token.
       - Secure encryption with bcrypt (password_digest).
       - force_ssl method to ensure HTTPS.
       - No more SQL injections with ActiveRecord.
       - And much more...
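The XSS template from slide 4 and the "sanitize by default" point from slide 5, as an added example that is not part of the original deck: stdlib ERB renders the slide's template with the slide's input, once unescaped and once through ERB::Util.html_escape (the same escaping Rails applies by default to strings not marked html_safe). The params hash, the contains_script_tag? check and the demo function are assumptions made for this example.

```ruby
require "erb"

# Template from the slide: the request parameter is interpolated straight into HTML.
UNSAFE_TEMPLATE = '<p><%= "Hello #{params[:name]}" %></p>'

# Hardened form: escape the untrusted value before it reaches the HTML.
# Rails' view layer does this by default; html_safe is the explicit opt-out.
SAFE_TEMPLATE = '<p><%= "Hello #{ERB::Util.html_escape(params[:name])}" %></p>'

# Constructed input, taken from the slide.
PAYLOAD = "<script>alert(attacked)</script>"

# Render an ERB template with a params hash, mimicking a controller's params.
def render(template, params)
  ERB.new(template).result_with_hash(params: params)
end

# Minimal check: does the rendered HTML still contain a live <script> tag?
def contains_script_tag?(html)
  html.match?(/<script\b/i)
end

# Render both variants with the same payload and report which one is exploitable.
def demo
  params = { name: PAYLOAD }
  unsafe = render(UNSAFE_TEMPLATE, params)
  safe   = render(SAFE_TEMPLATE, params)
  {
    unsafe: unsafe,
    safe: safe,
    unsafe_vulnerable: contains_script_tag?(unsafe),
    safe_vulnerable: contains_script_tag?(safe)
  }
end

if __FILE__ == $0
  demo.each { |k, v| puts "#{k}: #{v}" }
end
```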
    12. A lot of commits about security each month on Rails!
    13. But how/when measuring the security issues of our Rails
    14. Brakeman gem: only compatible with Rails. Inspects the source code and produces a report. Zero configuration required. Can be run at any stage of development.
    15. Brakeman detections:
        - Cross-site scripting
        - SQL injection / command injection
        - Unrestricted mass assignment
        - Unsafe redirects
        - Unsafe file access
        - Insufficient model validations
        - ... and so on!
    16. Cost to fix defects. Picture from RailsConf 2012: http://brakemanscanner.org/docs/presentations/Brakeman-RailsConf2012.pdf
    17. Install and run (the -o flag is optional and writes an HTML report):
           $ gem install brakeman
           $ brakeman (-o report.html)
    18. Now, coding!
    19. Jenkins integration
    20. « Zero warnings does not mean zero vulnerabilities » Justin Collins, RailsConf 2012: http://brakemanscanner.org/docs/presentations/Brakeman-RailsConf2012.pdf
    21. Links:
        - http://brakemanscanner.org/
        - https://github.com/presidentbeef/brakeman
        - @brakeman
        - http://brakemanscanner.org/docs/presentations/Brakeman-RailsConf2012.pdf
        - http://railscasts.com/episodes/358-brakeman