Ruby

Command Injection in Ruby

Protecting against the command injection vulnerability in Net::FTP

Last week a vulnerability affecting Net::FTP, part...


Using the Sqreen Agent without PII

Sqreen automatically tracks certain kinds of user...


XSS Cross-Site Scripting Slim Ruby

Discovering a Cross Site Scripting (XSS) vulnerability in Slim

What is Slim? Slim is a templating engine for the...


Rails Vulnerabilities

The two most common vulnerabilities in Rails (with code)

Ruby on Rails is one of the most popular...


Sqreen at EuRuKo 2016 - Europe's largest Ruby Conference

Two weeks ago Sqreen was a proud Puma sponsor...


Content Security Policy CSP

Integrating Content Security Policy into your Rails applications

TL;DR Content Security Policy (CSP) is an HTTP...


Ruby on Rails Security in your Continuous Integration

Foundations of your development cycle "Never send...