[LRUG] Keeping track of new security vulnerabilities?
joel.chippindale at gmail.com
Wed Sep 25 06:30:09 PDT 2013
Thanks to all of you for your excellent suggestions.
Both bundler-audit and brakeman look very interesting and I am
certainly going to give them a go.
On 20 September 2013 12:49, Chris Mear <chrismear at gmail.com> wrote:
> On 20 Sep 2013, at 10:21, Mark Burns <markthedeveloper at gmail.com> wrote:
> > Code Climate provides a paid-for security service. I'm not sure if it is
> > any more comprehensive than any others but it's at least another option
> > to throw into the mix.
> I've tried this one. It's for Rails apps only, and AFAICT it's just
> running Brakeman for you:
> Which is not to say the service doesn't add some potentially handy
> features: email notifications, tracking of individual problems until they
> are fixed, easy marking of false-positives, automatic ticket creation... I
> just didn't personally find those worth the entry fee.