Joernchen (Phenoelit)

Presentation Title

HITB Labs: Building and Breaking Ruby on Rails

Presentation Abstract

Ruby on Rails (RoR) is an open source web application framework based on the Ruby programming language that has been around for over five years now. The popularity this framework has gained in the recent past might not be based solely on some serious advertising efforts, but also – and more likely so – on its broad use in agile/rapid development, condemning repetition while emphasizing Convention over Configuration principles.

In this HITB Lab session we will take a closer look at “building and breaking Ruby on Rails”: besides a basic overview of the Rails framework and its security mechanisms, developers’ common pitfalls will be laid out, and both general web application flaws and RoR-specific issues will be discussed and exercised. Along with this, some interesting security aspects of the framework itself will be elaborated. All in all, attendees can expect a code-centric walkthrough of Ruby on Rails with a strong focus on the security mechanisms.

About Joernchen

Joernchen likes to read. His main interests are reading other people’s source code and inspecting interesting binary data in order to extend a given system’s functionality to unexpected limits.