Heiko Webers is a web application security consultant focusing on Ruby on Rails.
His research on Ruby On Rails security earned him his university degree.
Recently, he started the Ruby On Rails Security Project. He is also a developer
for secure knowledge management software. After 10 years of desktop application
development, he's rarely looked back.
|
Presentation: "Advanced Ruby on Rails Security"Time: Tuesday 14:30 - 15:30 Location: Auditorium 1, 1. floor
Abstract:
The future of malware doesn't belong to our hard disks. Every day criminal hackers use the web to steal numerous credit card numbers, confidential information, passwords, and everything else they can make money with or use to attack others. There are too many businesses depending on the Internet, that security is not an area to ignore. Many Rails' developers share the perception of Rails being a "secure" framework. And that might well be true, because less code is needed to get things done, and less code means a better overview of what is happening. But though Rails seems to be safer, doesn't allow us to lean back. While some security features are used automatically, it is equally important to understand the impacts of possible attacks against them and its countermeasures. And even more important are the numerous attack methods that cannot be fended off automatically. This talk focuses on more advanced security topics - for Rails and web applications in general. |
|||