What do you do when you just increased security in your app? You make it even better!
And that’s only to keep up. There’s no time left to think about strategies or implement that useful security feature you read about or saw in ThatApp(TM). But would that addition be really worth the investment?
But where to start? Where are the current weak points? What’s most important and how do you measure its’ effectiveness? Wouldn’t it be great if these things sort of took care of themselves? At least to some extent?
You spent a lot of time with security already, you’re pretty confident it’s not all that bad. The automatic security test tool reports no significant problems anymore. Everything works and you could do this all by yourself, why do you need someone else? Because you and your team discuss, learn about, keep up with and test security a couple of times a year. Buying this service could walk that up to monthly and make it a high priority while not interfering with business as usual.
I’m looking for people who are interested in the long-term success of their web application, and for who security is part of that. I’ll keep up with security for you, propose changes that you can potentially make, provide code, guides, and advice so that you can make informed decisions. We’ll launch the changes with your team and I write up reports and open a Rails security learning center for your team.
I’m Heiko Webers, a developer and writer from Germany, working with Rails security since 2007. I’m also running a small business and SaaS application, just like you, so I generally understand the challenges and possibilities.
I wrote the original version of the official Rails security guide, started the Rails Security Project and wrote another book in 2015: Rails security strategy. I've previously conducted numerous Rails security audits for many well-known Rails applications. And you’ll benefit from that experience as well.
This is not the typical consulting offer, it’s aimed at long-term success and you and your team can keep all the knowledge you acquire during this project. Security audits give you an overview of where the weak points are right now. But I know that the job isn’t done with a report, so I’m making myself available to deliver the best possible result at a far lower price point than my usual day rate.
What will you get
Frequently Asked Questions
Copyright © 2016 bauland42, Heiko Webers