Thursday October 24, 2013 3:00pm - 3:45pm
WhiteHat Security Ballroom (Norris Conference Center, 2525 W. Anderson Lane, Suite 365, Austin, Texas 78757)
While working to secure rails applications in a truly Agile development environment, it became clear that the Rails and Ruby ecosystem needed attention from the security community in the form of free and open training, and the events that have transpired this year have only reinforced that belief. RailsGoat is an attempt to bring attention to both the problems that most frequently occur in Rails, solutions for remediation, and common attack scenarios. To accomplish this, we've built a vulnerable Rails application that aligns with the OWASP Top 10 and can be used as a training tool for Rails-based development shops.
Railsgoat is an OWASP project, addtional details can be found at the following link: