Overview What You Will Learn Curriculum Instructor

Course Overview

Web application security is a critical aspect of modern development, especially with the rising threats targeting online platforms. Ruby on Rails, a widely adopted web framework, is not only known for its simplicity and speed but also its ability to support secure coding practices. Understanding and mitigating common vulnerabilities within Rails applications is vital for developers, as it ensures the safety of both user data and the integrity of the application itself. This course offers a practical approach to learning security concepts using real examples in Ruby on Rails, which can be applied across any development stack.

This course begins with an introduction to Ruby and Rails, setting the stage for security topics within the framework. Learners explore various injection attacks including SQL injection, XSS, and header manipulation. It then dives into CSRF and clickjacking, examining their mechanics and Rails-specific countermeasures. Other topics include configuring default headers, implementing content security policies (CSP), and advanced rate limiting using the Rack Attack gem. The course also covers secure file handling, virus scanning with Clamav, metadata filtering, and static analysis using Brakeman, culminating with actionable insights on testing and strengthening app security.

This chapter-based course equips developers to write safer, more resilient Rails applications with practical strategies and essential tools for secure coding.

What You Will Learn

  • The overall objective and goal of the course is to make you a better programmer and gain extensive knowledge of security vulnerabilities
  • Helping you to write more secure code and deliver high quality code which is both resilient and secure
  • By the end of the course, you will be a master of writing secure code
  • You will have knowledge of the various security issues and flaws that exist
  • You will learn how to develop solutions that counter these security issues, how to test applications for security issues and how to fix them, how to build security solutions such as rate limiters and image filters from scratch and in general, help you become a better developer

Program Curriculum

  • What is Ruby? What is Rails?
  • Why Ruby on Rails?
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Header Injection
  • Command, CSS and AJAX Injection
  • Chapter 2 Quiz

  • What is CSRF?
  • CSRF in Rails
  • Countermeasures
  • What is Clickjacking?
  • Clickjacking in Rails & Countermeasures
  • Chapter 3 Quiz

  • What are Headers?
  • Default Headers in Rails
  • CSPs
  • Chapter 4 Quiz

  • What is Rate Limiting?
  • Rate Limiting Tactics and Strategies
  • Safe Listing and Blacklisting
  • Tracking and Throttling
  • Advanced Concepts of Rate Limiting using Rack Attack
  • Combining it all Together
  • Chapter 5 Quiz

  • File Uploads - Basics
  • Scanning Files for Viruses using Clamav
  • Image Filter - Blocking Images
  • Image Filter - Blocking based on Content Type
  • Image Filter - Fixing Metadata Leaks
  • Why and How to Test using Brakeman
  • Analysing Results of Brakeman Report
  • Chapter 6 Quiz

  • What is covered so far? What should you learn next?
  • Goodbye!
Load more modules

Instructor

Riyaz Rafi Ahmed

Riyaz Rafi Ahmed has intense experience in Information Security, VAPT, AWS - Security, Ruby on Rails - ProgrammingSecurity (building security solutions from scratch), Blue-teaming, and Security Awareness Training. He has completed over 13 professional courses in the domain of security from various universities such as the University System of Georgia and University of California San Diego and has given multiple talks on topics related to digital privacy and security online in various colleges and national organizations attended by students and subject matter experts alike. Having spent close to 2 years in the domain and given multiple talks on various topics, Riyaz understands how developers start out as he himself is one and is the perfect trainer for this course on understanding security with the example of ruby on rails.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering video-based learning with 840+ courses and diverse Learning Paths to enhance your skills.

$ 69.00
Billed monthly or $599.00 billed annually
Get Started Now
Start your 7-day trial for $1

What is included

  • 840+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs and CTF Challenges for comprehensive skill-building.

$ 79.00
Billed monthly or $699.00 billed annually
Get Started Now
Start your 7-day trial for $1

Everything in Pro and

  • 1400+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month

Related Courses

  • Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2.

    Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2

    Short Course

    Hacking WEP/WPA/WPA2 Wi-Fi Networks Using Kali Linux 2

    Vulnerability Assessment and Pentesting

    The comprehensive course to secure & crack WEP/WPA/WPA2 k...

    $69.99

    Intermediate

    5 hr 12 m

  • Bootstrap 4 Quick Website Bootstrap Components Course.

    Bootstrap 4 Quick Website Bootstrap Components Course

    Short Course

    Bootstrap 4 Quick Website Bootstrap Components Course

    Software Development

    Explore the basics of Bootstrap and learn to create a website...

    $49.99

    Beginner

    1 hr 30 m

  • CCNA - Understanding Routers and Switches.

    CCNA - Understanding Routers and Switches

    Short Course

    CCNA - Understanding Routers and Switches

    Security Architecture and Operations

    A comprehensive guide to understanding the in-depth functioni...

    $49.99

    Intermediate

    2 hr 0 m

  • The Complete Full-Stack JavaScript Course.

    The Complete Full-Stack JavaScript Course

    Short Course

    The Complete Full-Stack JavaScript Course

    Software Development

    Learn full-stack web development using JavaScript (ReactJS, N...

    $79.99

    Beginner

    24 hr 17 m

  • React.JS for Ecommerce: Building a Store with React.JS

    React.JS for Ecommerce: Building a Store with React.JS

    Short Course

    React.JS for Ecommerce: Building a Store with React.JS

    DevSecOps

    From React.js Fundamentals to Crafting an Online Storefront

    $49.99

    Advanced

    3 hr 30 m

  • CISSP Certification Domains 5, 6, 7, and 8 Video Training.

    CISSP Certification Domains 5, 6, 7, and 8 Video Training

    Short Course

    CISSP Certification Domains 5, 6, 7, and 8 Video Training

    Cybersecurity

    This course is ideal for individuals who desire to pass the I...

    $69.99

    Intermediate

    6 hr 30 m

  • Helm 3 - Package Manager for Kubernetes.

    Helm 3 - Package Manager for Kubernetes

    Short Course

    Helm 3 - Package Manager for Kubernetes

    Software Development

    A must tool for every DevOps engineer

    $49.99

    Intermediate

    1 hr 27 m

  • Learn Ethical Hacking by Hacking Real Websites Legally.

    Learn Ethical Hacking by Hacking Real Websites Legally

    Short Course

    Learn Ethical Hacking by Hacking Real Websites Legally

    Vulnerability Assessment and Pentesting

    Fun way to learn ethical hacking by playing online hacking ga...

    $69.99

    Beginner

    4 hr 18 m

1 49
View all