In this talk, three Rails security specialists will take a journey through a terrifying Rails application to illustrate common security problems we have seen in the real world. The discussion will include how to identify, fix, and prevent the issues with an emphasis on practical advice. Along the way we will share our experiences and perspectives concerning securely implementing applications. We hope it is a bit scary, and yet fun … like a horror movie!
Aaron is a Principal Consultant at Cigital where he helps drive better secure programming practices. Aaron is the creator of Repsheet, an open source framework for web application attack prevention. He is a co-author of Programming Clojure and a previous member of Clojure/core.
Justin is a PhD candidate at UCLA, a member of the application security team at Twitter, and primary author of Brakeman, a static analysis security tool for Rails.
Matt is a veteran agile software developer with a focus on security. His mission is to empower developers to build code more securely through training, secure agile process adoption (Security in SDLC) and technical solutions. He enjoys soccer, reading and spending time with family.