
Rails 4 Test Prescriptions by Noel Rappin


Other Security Resources

There’s a limit to how much of your application’s security you can test using TDD, so it’s a good idea to also use a static analysis tool to look for security issues. Two options are Brakeman, which you would run yourself, and CodeClimate, which automatically runs Brakeman on each commit.[18] Brakeman looks for a variety of security issues and provides some tips on working around them.

Prescription 30: Use an automatic security scanner to check for common security issues.
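One way to make the scanner part of the build is to gate on its report. The following is an added example, not code from the book or from the Brakeman project: it assumes a report written with `brakeman -f json -o <file>`, and the sample report, the threshold and the helper names are constructed for illustration.

```ruby
require "json"

# Brakeman reports each warning's confidence as "High", "Medium" or "Weak".
CONFIDENCE_RANK = { "High" => 0, "Medium" => 1, "Weak" => 2 }.freeze

# Return the warnings from a Brakeman JSON report whose confidence is at
# or above the threshold. An unrecognised confidence value is treated as
# "High" so that a report format change fails closed instead of passing.
def blocking_warnings(report_json, threshold: "Medium")
  limit = CONFIDENCE_RANK.fetch(threshold)
  JSON.parse(report_json).fetch("warnings", []).select do |warning|
    CONFIDENCE_RANK.fetch(warning["confidence"], 0) <= limit
  end
end

# One line per warning, suitable for CI output.
def summarize(warnings)
  warnings.map do |w|
    "#{w['file']}:#{w['line']} #{w['warning_type']} (#{w['confidence']})"
  end
end

# Exit status a CI step would use: 1 if anything blocks the build, else 0.
def gate_exit_code(report_json, threshold: "Medium")
  blocking_warnings(report_json, threshold: threshold).empty? ? 0 : 1
end

# Constructed sample report, trimmed to the fields this example reads.
SAMPLE_REPORT = <<~JSON
  {
    "warnings": [
      {"warning_type": "SQL Injection", "file": "app/models/user.rb",
       "line": 12, "confidence": "High"},
      {"warning_type": "Mass Assignment", "file": "app/models/project.rb",
       "line": 3, "confidence": "Weak"},
      {"warning_type": "Cross-Site Scripting",
       "file": "app/views/tasks/show.html.erb",
       "line": 7, "confidence": "Medium"}
    ]
  }
JSON

puts summarize(blocking_warnings(SAMPLE_REPORT))
```

In a real build, read the report file Brakeman wrote and pass the result of `gate_exit_code` to `exit`.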

The Open Web Application Security Project has all kinds of useful information on security risks.[19] Of particular interest is WebGoat, a deliberately insecure application designed to allow you to hack and test solutions. The Rails version is called RailsGoat.[20]

Footnotes

[17] ...
