Do you have a Rails security strategy?

  • You can waste days researching security.
  • So, what now? Should you hire a security expert?
  • I will show you how to develop a Rails security strategy by yourself.

The complete Rails guide to developing a security strategy for busy lead architects

You're a busy Ruby on Rails lead architect, and you don't have endless time for security. There are new types of attacks, software vulnerabilities and browser changes every month. Somehow you hear about them. You and your team fix security problems in the code when you find them.

It's already hard to keep up with this necessary evil. You're not exactly sure, but there might be some dead bodies in the code. But there's no time to dig into that.

There are a lot of details out there, but few solutions. Many guides give you the fiddly details, but you're interested in the overall approach. A security strategy.

What if you had a way to update your security strategy before going deeper?

What if you could move away from the uncertainty and fiddling? What about a training course,

  • that respects your time?
  • that covers all the elements of the big picture, not only basics or one outdated piece of knowledge?
  • that shows you how to maintain your level of security even when you and your team are busy?

This course will help you manage the big picture by making informed decisions.

Ruby on Rails security course

What's in the training?

The training will cover everything you need to know, for example:

  • Manual work is boring and automation is king. But in security, both approaches fix vulnerabilities.
  • SSL/TLS security needs maintenance, too. And while you're at it, make sure it's always used.
  • Emergencies happen. When they do, you won't have time to create a strategy for them anymore.
  • Some people will test your security. Make sure they tell you about it first.
  • Processes sound boring, but they will keep your software up to date.
  • You don't necessarily need a security expert. Your team can do their own code reviews and audits. Start small to increase quality and security.
  • Slow improvements are better than nothing.
  • How to keep your codebase, your code repository organization and deployments secure.
  • Cross-Site Scripting (XSS) still happens easily. Develop a Content Security Policy as your safety net.
  • Your Rails 5 app prevents Content Sniffing and clickjacking, so you should know what they are.
  • The security of APIs is very different, so learn how to get it right.

Who's writing this?

Heiko Webers here. I'm a developer, trainer and hacker, working with Rails security since 2007. I wrote the official Rails security guide and a few others. I've also conducted countless Rails security trainings & audits for many well-known Rails applications. Now I want to share with you what's not in the Rails security guide. Because not everything about security is directly related to Rails.


What format will this be in?

I'll send you one lesson daily by email for eleven days. Or you can buy the PDF version for $6.

Is this for me?

The course is for lead architects of Ruby on Rails applications. But there's also a lot of value in it for every Rails developer. It will be easier to understand if you're more or less familiar with Rails security.

What if I don't like the course?

You can also first try the e-mail course for free, and buy the PDF later. If you’re not completely satisfied, there's a 30-day money-back guarantee. My goal is to provide you with a lot of value, so this will save you quite some research time.

You didn't answer my question...

Email me and I'll answer it.

E-Mail Course

It's FREE!

Get one lesson per day for the next 11 days. This is the same content as the guide on the right.


Downloadable Course

Only $6!

Get all the lessons now in a downloadable PDF guide.
