In this interview, Frank Rietta, a security expert in web applications, talks about various recommendations for securing a Ruby on Rails application. Many areas are explored from code, staff, servers and infrastructure.

Using the gdpr_rails gem, we look at adding a policy manager to require users to accept age, terms, and privacy policies before signing up for an account.

Part I - In this episode, we create our authentication for users, default view for authenticated users, friendship model, associations and scopes for our social media application.

We may come across a need to run shell commands and Ruby has some built in methods which appear safe, but can introduce major security risks.

Keeping client data protected is important, but once an attribute is encrypted, it becomes difficult to work with it. With Blind Index, we regain functionality on searching and validations.