Heiko Webers

Heiko Webers is a web application security consultant focusing on Ruby on Rails. His research on Ruby On Rails security earned him his university degree. Recently, he started the Ruby On Rails Security Project. He is also a developer for secure knowledge management software. After 10 years of desktop application development, he's rarely looked back.

Presentation: "Advanced Ruby on Rails Security"

Track: Advanced Web Application Development

Time: Tuesday 14:30 - 15:30

Location: Auditorium 1, 1. floor

Abstract:

The future of malware doesn't belong to our hard disks. Every day criminal hackers use the web to steal numerous credit card numbers, confidential information, passwords, and everything else they can make money with or use to attack others. There are too many businesses depending on the Internet, that security is not an area to ignore.

Many Rails' developers share the perception of Rails being a "secure" framework. And that might well be true, because less code is needed to get things done, and less code means a better overview of what is happening. But though Rails seems to be safer, doesn't allow us to lean back.

While some security features are used automatically, it is equally important to understand the impacts of possible attacks against them and its countermeasures. And even more important are the numerous attack methods that cannot be fended off automatically. This talk focuses on more advanced security topics - for Rails and web applications in general.