Ruby on Rails Security Audits and Code Reviews

Did you know that 75% of attacks happen on the web application layer and 97% of web applications are vulnerable to attack? A security audit is an effective way to fend off such attacks. Most clients ask us to do a code review from the inside, but we've also done black box testing.

As an OWASP member and security experts in the field of Ruby on Rails security, we have been doing security audits of Rails applications on-site or offshore for many years now. The most effective package includes the following:

  • Source-code audit, because this is the most effective way to find security vulnerabilities in the application. I can say that virtually every web application had some kind of vulnerability in it.
  • Security audit of your web application eco-system
  • Security audit of the lower levels, especially the web server and database management server
  • You will receive our Security Certificate
  • Recommendations on how to fix the vulnerabilities
  • Our Ruby on Rails Security Guide, as a printed book if you wish
  • Optional: General security talk for your employees
  • Optional: Support to fix the security vulnerabilities
  • Optional: Long-term support to stay informed about the latest security vulnerabilities

Of course, you can get one or more of these stand-alone, as well. Please contact Heiko here or at 42@bauland42.de for more information on the general proceedings. We are based in Germany, but available everywhere in the world.

When is the right time to do a code review?

Most clients contact us before going live or after they have implemented a new feature. We also offer long-term security project support.

More about our services on our website...