Do you have a Rails security strategy?

You can waste days researching security.

So, what now? Should you hire a security expert?

I will show you how to develop a Rails security strategy by yourself.

The complete Rails guide to developing a security strategy for busy lead architects

You're a busy Ruby on Rails lead architect, and you don't have endless time for researching security. Making sense of the important security vulnerabilities can waste days or even weeks.

Because there are new vulnerabilities and new ways to exploit a web application every day, it's hard to keep up. So, you end up updating everything when there's a vulnerability, but it feels like fighting an endless number of fires.

There are a lot of details out there, but not many solutions. Plenty of guides give you some bits and pieces of what to do, but leave out the most important thing — how to develop a whole security strategy.

Many guides give you the fiddly details, but you're mostly interested in the overall approach. Of course you still need to know some important details, but you've probably got a team that will take care of the implementation.



From the author of the Rails Security Guide

© Copyright 2015

What if you had a way to update your security strategy before going deeper?

What if you could move away from the firefighting and fiddling?

What about a training course,

  • that respects your time?
  • that covers all the big-picture elements, not just some basics or one outdated piece of knowledge?
  • that shows you how to maintain your security even when you and your team are busy?

This course will help you manage the big picture by making informed decisions.


What will be covered in the training?

The training will cover everything you need to know, for example:

  • Manual work is boring and automation is king, but in security both are needed to fix vulnerabilities.
  • SSL/TLS security needs to be maintained too, and while you're at it, make sure it's always used.
  • Emergencies happen. When they do, you won't have time to create a strategy for them anymore.
  • Some people will test your security; make sure they tell you about it first.
  • Processes sound boring, but they will keep your software up to date.
  • You don’t necessarily need a security expert. Your team can do their own code reviews and audits. Start small to increase quality and security.
  • How to keep your codebase, your code repository organization and deployments secure.
  • Cross-Site Scripting (XSS) can happen easily, so develop a Content Security Policy as your safety net.
  • Your Rails 4 app prevents content sniffing and clickjacking, so you should know what they are.
  • The security of APIs is very different, so learn how to get it right.


What format will this be in?
I'll send you one lesson daily by email for eleven days. Or you can buy the PDF version for just $6.

Is this for me?
The course is intended for lead architects of Ruby on Rails applications. But I think there's also a lot of value in it for every Rails developer. It will probably be easier to understand if you're more or less familiar with the Rails security guide.

Who's writing this?
I'm Heiko.


Frequently asked questions

What if I don't like the course?
You can also try the e-mail course for free first, and buy the PDF later. If you’re not completely satisfied, I have a 30-day money-back guarantee.
My goal is to provide you with a lot of value, and I did all the hard part of the research for you. I think I saved you quite some time.

You didn't answer my question...
Email me and I'll answer it.


Who's writing this?

My name is Heiko Webers and I've been building Rails applications since 2006. I've written the official Rails security guide and the Open Web Application Security Project (OWASP) Rails security guide. Since then I have helped countless Rails applications improve their security with code audits and training. I want to share with you what's not in the Rails security guide, because not everything about security is directly related to Rails.


It's FREE!

E-Mail Course

Get one lesson per day for the next 11 days. This is the same content as the guide on the right.


Downloadable Course

Only $6!

Get all the lessons now in a downloadable PDF guide.
