But Doesn't Rails Take Care of Security for Me?

Rails comes with protection against SQL injection, cross site scripting, and cross site request forgery. It provides strong parameters and encrypted session cookies out of the box. What else is there to worry about? Unfortunately, security does not stop at the well-known vulnerabilities and even the most secure web framework cannot save you from everything. Let's take a deep dive into real world examples of security gone wrong!
Length: 43:17
Views 2193 Likes: 45
Recorded on 2016-05-04 at Rails Conf
Look for other videos at Rails Conf.
Tweet this video