Mar 11, 2014 · 7:00 PM
Rails has gone a long way towards helping developers craft secure websites. Things like secure cookies and parameter sanitizing help us steer away from common issues. But what happens when you really dive in? In this talk, Cory will go through the surprising results we found through a detailed security audit from an external company, and how you could be exposing your users and application to security holes without even realizing it through interactions between libraries. Cory will also detail the responsible disclosure process when security holes are found, and how library authors responded to them.
Cory Foy is a developer, trainer and coach who has worked in technologies ranging from classic ASP to Clojure. He's worked for companies like Microsoft and Thunderbolt Labs, and started and ran the Florida arm of 8th Light. In addition, he's consulted for a wide range of clients, including DirecTV, MIT, BCBS and many others, and run Day of Ruby and Code Retreat events around the country. He and his family now live in Bahama, NC.