Rails security tools

Rails security tools
Fence with locks

Found some good resources for Ruby on Rails security and some new (to me) tools.

Bundler audit. Like Yarn audit, but for Gems. Surprised I didn't know about this one. There is also bin/importmap audit if you're using import maps.

Password strength checker for Device. Ensures passwords are actually strong.

Secure Headers Gem. I usually set up in Nginx, but not as thorough as I should. Plus I like the idea of keeping them in the app.

Here's some more good resources. Definitely worth upping security.

Ruby on Rails - OWASP Cheat Sheet Series
Website with the collection of all the cheat sheets of the project.
4 Essential Security Tools to Level Up Your Rails Security - FastRuby.io | Rails Upgrade Service
Is your Ruby or Rails application secure? How many known vulnerabilities are there in your codebase? This article gives you a few tools to check your security level.

Photo by Parsoa Khorsand on Unsplash

Subscribe to WebDev news from candland.net

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.