Rails security tools


Found some good resources for Ruby on Rails security and some new (to me) tools.

Bundler audit. Like Yarn audit, but for Gems. Surprised I didn't know about this one. There is also bin/importmap audit if you're using import maps.
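What a Bundler audit style check does under the hood, as an added example that is not from the original post or the bundler-audit project: it reads the resolved versions from Gemfile.lock and flags any gem whose version falls outside an advisory's patched and unaffected ranges (the two fields ruby-advisory-db entries carry). The lockfile, gem names and advisory ids are constructed for illustration.

```ruby
require "rubygems" # Gem::Version and Gem::Requirement

# Constructed Gemfile.lock excerpt; the gem names are hypothetical.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      examplegem (2.3.1)
        helpergem (>= 1.0)
      helpergem (1.4.0)
      safegem (0.9.2)

  PLATFORMS
    ruby
LOCK

# Constructed advisories: requirement strings for the versions that are
# patched and the versions that were never affected.
SAMPLE_ADVISORIES = [
  { gem: "examplegem", id: "EXAMPLE-0001",
    patched_versions: ["~> 2.3.4", ">= 2.4.0"], unaffected_versions: ["< 2.0.0"] },
  { gem: "helpergem", id: "EXAMPLE-0002",
    patched_versions: [">= 1.4.0"], unaffected_versions: [] }
].freeze

# Resolved gems sit at exactly four spaces of indent under "specs:";
# their dependencies are indented six spaces and are skipped.
def locked_gems(lockfile)
  lockfile.scan(/^ {4}(\S+) \(([0-9][0-9A-Za-z.]*)(?:-[^)]*)?\)$/)
          .to_h { |name, version| [name, Gem::Version.new(version)] }
end

# True if the version satisfies any one of the requirement strings.
def satisfied?(version, requirements)
  requirements.any? do |req|
    Gem::Requirement.new(*req.split(",").map(&:strip)).satisfied_by?(version)
  end
end

# A locked gem is reported when it is neither patched nor unaffected.
def audit(lockfile, advisories)
  gems = locked_gems(lockfile)
  hits = advisories.select do |adv|
    version = gems[adv[:gem]]
    version && !satisfied?(version, adv[:patched_versions]) &&
      !satisfied?(version, adv[:unaffected_versions])
  end
  hits.map { |adv| "#{adv[:gem]} #{gems[adv[:gem]]}: #{adv[:id]}" }
end

puts audit(SAMPLE_LOCKFILE, SAMPLE_ADVISORIES) if __FILE__ == $PROGRAM_NAME
```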

Password strength checker for Devise. Ensures passwords are actually strong.

Secure Headers Gem. I usually set these up in Nginx, but not as thoroughly as I should. Plus I like the idea of keeping them in the app.

Here are some more good resources. Definitely worth upping security.

Ruby on Rails - OWASP Cheat Sheet Series
Website with the collection of all the cheat sheets of the project.

4 Essential Security Tools to Level Up Your Rails Security - FastRuby.io | Rails Upgrade Service
Is your Ruby or Rails application secure? How many known vulnerabilities are there in your codebase? This article gives you a few tools to check your security level.
