Whether you're preparing for a third-party security scan or already doing peer code reviews, you should always run the Brakeman static analysis scanner on your Rails application to identify potential security vulnerabilities.
Part of a good user experience is making your application easy to use for your users. However, a few bad apples often force the addition of CAPTCHAs, which hurts your UX/UI. Learn how to create invisible CAPTCHAs that protect your forms while still delivering a good UX.
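The usual building blocks of an invisible CAPTCHA are a honeypot field (hidden with CSS, so humans leave it empty and bots fill it) and a signed render timestamp (so a submission that arrives within a second or two, or with a forged timestamp, is rejected). The following is an added example, not code from the article being summarized; the field names, the time windows and the secret are assumptions for illustration.

```ruby
require "openssl"

# Hidden form field: humans never see it, so any non-empty value is a bot.
HONEYPOT_FIELD = "website_url"        # assumed field name
# Humans need at least a few seconds to fill a form; cap the age so a
# token captured once cannot be replayed forever.
MIN_FILL_SECONDS     = 3
MAX_FORM_AGE_SECONDS = 3600
# Constructed secret; in an application this comes from the secret store.
SECRET = "constructed-secret-change-me"

# Constant-time string comparison so the signature check does not leak
# how many leading bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Token embedded in the form when it is rendered: "<unix time>:<hmac>".
# Signing the timestamp means a bot cannot simply backdate it.
def form_token(rendered_at = Time.now.to_i)
  sig = OpenSSL::HMAC.hexdigest("SHA256", SECRET, rendered_at.to_s)
  "#{rendered_at}:#{sig}"
end

# Returns :ok for a plausible human submission, otherwise a reason symbol.
def spam_check(params, now = Time.now.to_i)
  return :honeypot_filled unless params[HONEYPOT_FIELD].to_s.empty?

  ts, sig = params["form_token"].to_s.split(":", 2)
  return :bad_token if ts.nil? || sig.nil? || ts !~ /\A\d+\z/

  expected = OpenSSL::HMAC.hexdigest("SHA256", SECRET, ts)
  return :bad_token unless secure_equal?(sig, expected)

  age = now - ts.to_i
  return :too_fast if age < MIN_FILL_SECONDS
  return :expired  if age > MAX_FORM_AGE_SECONDS
  :ok
end

if __FILE__ == $PROGRAM_NAME
  rendered = Time.now.to_i - 10
  token = form_token(rendered)
  puts spam_check({ "form_token" => token, HONEYPOT_FIELD => "" })            # human
  puts spam_check({ "form_token" => token, HONEYPOT_FIELD => "http://x" })    # bot
end
```

In a Rails form the token goes in a hidden field and the honeypot in a field hidden by CSS (not `type="hidden"`, which many bots skip). Reject silently or with a generic error; telling the submitter which check failed helps the bot author tune the bot.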
In this interview, Frank Rietta, a web application security expert, talks about various recommendations for securing a Ruby on Rails application. Many areas are explored, from code and staff to servers and infrastructure.
By default, Refile has no way to secure file downloads. It relies on a generated hash that users cannot guess unless the page renders the image or links to the file. This is sometimes acceptable, but a URL is not a credential: anyone it leaks to (a shared link, browser history, a referrer header) can fetch the file. Preventing downloads by people who have the URL is more involved.
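The usual fix is to stop handing out the backend URL and instead route every download through an authenticated controller action that checks ownership before reading the file from the store. The following is an added example in plain Ruby, not Refile's API or the article's code: the in-memory backend, the `Attachment`/`User` structs and the ownership rule are all constructed stand-ins for what the real controller would get from Refile and the session.

```ruby
# Constructed stand-in for a Refile backend: an opaque id maps to file bytes.
# A real action would read the bytes through Refile's backend instead.
FAKE_BACKEND = {
  "3f1a9c" => "constructed contents of invoice.pdf",
}

# Minimal model objects (assumed shape, not Refile's).
Attachment = Struct.new(:id, :owner_id, :filename)
User       = Struct.new(:id)

ATTACHMENTS = {
  "3f1a9c" => Attachment.new("3f1a9c", 42, "invoice.pdf"),
}

# The authorization rule: only the owner may download. Replace with whatever
# policy the application actually needs (team membership, admin role, ...).
def authorized?(user, attachment)
  !user.nil? && attachment.owner_id == user.id
end

# Mimics a Rails controller action and returns a Rack-style
# [status, headers, body] triple. Note the order: look up, authorize, then
# read from the backend. The backend id never appears in a public URL.
def serve_download(user, attachment_id)
  attachment = ATTACHMENTS[attachment_id]
  return [404, {}, ""] if attachment.nil?
  return [403, {}, ""] unless authorized?(user, attachment)

  data = FAKE_BACKEND.fetch(attachment.id)
  # Strip characters that could break out of the quoted filename parameter.
  safe_name = attachment.filename.gsub(/["\r\n\\]/, "_")
  headers = {
    "Content-Type"        => "application/octet-stream",
    "Content-Disposition" => "attachment; filename=\"#{safe_name}\"",
    # Shared caches must never store an authorized response.
    "Cache-Control"       => "private, no-store",
  }
  [200, headers, data]
end

if __FILE__ == $PROGRAM_NAME
  p serve_download(User.new(42), "3f1a9c")[0]  # owner
  p serve_download(User.new(7),  "3f1a9c")[0]  # someone else who knows the id
  p serve_download(nil,          "3f1a9c")[0]  # not signed in
end
```

In a Rails app the action would use `send_data` with these headers and the bytes read from the Refile backend, and the `attachment_url`/image helpers that expose the raw backend URL would no longer be used for protected files. Checking authorization before touching the backend also keeps an unauthenticated request from triggering a (possibly remote) storage read.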