## Securing Rails Applications

This manual describes common security problems in web applications and how to avoid them with Rails.

https://guides.rubyonrails.org/security.html

## Secure Rails

Everyone writing code must be responsible for security. 🔒

https://github.com/ankane/secure_rails

## Securing Sensitive Data in Rails

It feels like data breaches are showing up every week in the news. If you haven’t taken a second look at how you’re storing sensitive data, now is probably a good time. Users trust you with the privacy and security of their information. This guide will walk through what data is sensitive, best practices for storing it, and pitfalls to avoid.

https://ankane.org/sensitive-data-rails

## Secure Headers

The gem will automatically apply several headers that are related to security.

https://github.com/github/secure_headers

## bundler-audit

Patch-level verification for [bundler](https://bundler.io)

https://github.com/rubysec/bundler-audit

## Brakeman

Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities

https://github.com/presidentbeef/brakeman

## Bearer

Developer friendly static code analysis for security and privacy

https://github.com/Bearer/bearer

## Ruby on Rails OWASP Cheat Sheet

This _Cheatsheet_ intends to provide quick basic Ruby on Rails security tips for developers. It complements, augments or emphasizes points brought up in the [Rails security guide](https://guides.rubyonrails.org/security.html) from rails core.

https://cheatsheetseries.owasp.org/cheatsheets/Ruby_on_Rails_Cheat_Sheet.html