Application Security for Ruby on Rails Environments
Security is not an on/off switch. No useful software application is truly ultimately secure. Security risk may be managed! Your company can take sensible, commercially-viable steps to avoid being in the news with an embarrassing data breach with your name on it.
What is Application Security?
Application Security is the subset of Information Security focused on protecting data and privacy from abuse by adversaries who have access to the software system as a whole. Its purpose is to make software resilient to attack, especially when network defenses alone are insufficient.
Rietta has spent more than a decade developing applications with appsec as a fundamental design requirement and more than six years applying this exculsively in the context of Ruby on Rails applications.
Rietta Provides Services and Resources to Help Your Company Protect Your Clients’ Security
Identify and fix the most important security vulnerabilities in your code. We provide application security assessments that go far beyond the results of just running Brakeman and Bundler Audit. Our recommendations are guided by your client’s business model and risk tolerance.
Policies and Procedures
Need a Written Information Security Policy to be compliant or land new business for your startup? We’ve got you covered there. And we’ll help you identify key areas to improve your development processes to avoid introducing unneccesary security risk.
Hardened Feature Development
Need a security intensive feature developed that the future of the company rests upon? For example, extreme PII processing requirements like full tax documents or health information needs to be submitted and encrypted? We offer services from user (and abuser) story writing, security tests, and implementation services for security intense features.
Appsec Learning Resources
Take a look at Rietta’s Web Application Security Learning Center.