Sqreen Blog

The Official Sqreen Blog

Browsing Category

Ruby

16 posts
  • Ruby
  • Security
  • 56 views
  • 8 minute read
  • No comments

Preventing SQL injections in Ruby (and other vulnerabilities)

  • Chris Chinchilla
  • February 12, 2021
This post’s topic is very straightforward: SQL injection, Ruby flavored. More specifically, how you can protect your Ruby application against SQL injections—and other common security threats. Ruby is a wonderful…
  • Ruby
  • 7 minute read
  • No comments

Top 10 Ruby security best practices

  • Carlos Schults
  • February 9, 2021
Do you know those things that are simultaneously incredibly important to get right but incredibly easy to get wrong? That makes for an explosive combination. One such thing happens to…
  • Ruby
  • Security
  • 6 minute read
  • No comments

Learnings from Sqreen’s State of App Sec Report: 70% of Ruby on Rails exploits were SQLi

  • Carlos Schults
  • December 1, 2020
Saying that digital security is “important” would be the understatement of the century. It’s probably the most crucial aspect of any application nowadays. Unfortunately, security is easy to get wrong,…
  • Ruby
  • Security
  • 4 minute read
  • No comments

From Nestaway: Automating Security Operations — Detecting and Permanently Blocking Abusive Clients

  • Ranjan Kathuria
  • November 12, 2020
Today, we’re featuring a blog post from Nestaway that was originally posted in Nestaway Engineering on Medium. Automating Security Operations is a tough task but can make the life of a security person…
  • Dev
  • Ruby
  • 7 minute read
  • No comments

Fixing a critical issue: a journey into Ruby web server startup sequences, part two

  • Loic
  • July 29, 2019
So where are we jumping into this story? This post is part two of our story on how we dove into Ruby web server startup sequences to fix a strange…
  • Dev
  • Ruby
  • 7 minute read
  • No comments

Fixing a critical issue: a journey into Ruby web server startup sequences, part one

  • Loic
  • July 25, 2019
Introduction In this post-mortem blog post we’ll explore the oft-neglected Rack’s design and Ruby web server startup sequence in depth through the lens of a surprising critical issue encountered by…
  • Dev
  • Python
  • Ruby
  • 66 views
  • 7 minute read
  • 4 comments

How I switched from Ruby to Python

  • Benoit
  • January 30, 2019
This article is a personal experience shared by Benoit, Sqreen’s first engineer who worked on the Ruby agent and on the Python backend. Ruby, a love story Back in 2008…
  • Ruby
  • Security
  • 18 views
  • 6 minute read
  • No comments

An in-depth look at CVE-2018-8778 or why integer overflows are still a thing!

  • Benoit
  • March 30, 2018
A new exciting vulnerability (yes sorry, we easily get excited about these things 😜) has been released in Ruby. CVE-2018-8778 is a Buffer under-read that is triggered by String#unpack. Kudos…
  • Ruby
  • Security
  • 11 views
  • 3 minute read
  • No comments

Protecting against the command injection vulnerability in Net::FTP

  • Paul
  • December 19, 2017
Last week a vulnerability affecting Net::FTP, part of Ruby standard library, was uncovered by Etienne Stalmans (Great job 🙌) from the Heroku product security team. This article will explain the vulnerability and…
  • Ruby
  • Sqreen Product
  • 5 views
  • 4 minute read
  • No comments

Using the Sqreen Agent without PII

  • Don Goodman-Wilson
  • August 3, 2017
Updated December, 2020 Sqreen automatically tracks certain kinds of user behavior in your web application, to provide context and actionable insights into how attackers are abusing your app. By default,…
