[LRUG] Keeping track of new security vulnerabilities?

Chris Mear chrismear at gmail.com
Fri Sep 20 04:49:36 PDT 2013


On 20 Sep 2013, at 10:21, Mark Burns <markthedeveloper at gmail.com> wrote:

> Code Climate provides a paid-for security service. I'm not sure if it is any more comprehensive than any others but it's at least another option to throw into the mix.

I've tried this one. It's for Rails apps only, and AFAICT it's just running Brakeman for you:

http://brakemanscanner.org

Which is not to say the service doesn't add some potentially handy features: email notifications, tracking of individual problems until they are fixed, easy marking of false positives, automatic ticket creation... I just didn't personally find those worth the entry fee.

Chris



