You need to know how to defend yourself. Designing security into an application is a little like getting insurance. You know you really need it, you probably keep putting it off, and deep down you’re sure disaster won’t happen to you. But secure application design is no longer an option, and it’s not something you can put off. You need it now, and you need to do it well.
Security on Rails provides you with the tools and techniques you need to defend your Rails applications against attackers. With Security on Rails, you’ll see the very techniques that hackers use, and then see for yourself how to create secure Rails applications that counteract the threats.
Authors Ben Poweski and David Raphael point out, “Many development organizations require that architecture be reviewed by someone security-savvy. This process works well for projects that have long life cycles and massive budgets. But let’s face it, heavyweight processes don’t fit for the majority of Ruby on Rails developers. One of the strengths of Ruby on Rails is its agility–security should be applied with the same spirit.”
As a Rails developer, it is essential that you understand how to assess risk and protect your data and your users. With this book, you’ll learn the steps you need to take to control all access to information and authenticate users, including cryptography concepts and authorization. In addition, you’ll see how to integrate your applications with external management systems; in short, all the crucial details you must consider to protect yourself and your data. Security on Rails helps beginner and intermediate developers to take control of their applications and guard against attacks.