Commit

Update docs/app-rails/application-security.md
Co-authored-by: Rocket <[email protected]>
SammySteiner and rocketnova authored Jun 10, 2024
1 parent 67220ef commit 5a6c050
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions docs/app-rails/application-security.md
@@ -1,8 +1,10 @@
# Application Security

Application security is a top priority for government technology application development, which is why the Rails framework's security helper methods and countermeasures help speed up secure application delivery. However, the framework isn't useful by itself; its helper methods and configurations only work if they are used properly. This document uses the Rails Guide to [Securing Rails Applications](https://guides.rubyonrails.org/security.html) to audit the template's use of Rails security best practices. This is meant to be a living document and should be updated as additional security tools and configurations are implemented, as well as when new vulnerabilities are discovered or introduced.
Application security is a top priority for technology application development, which is why the Rails framework's security helper methods and countermeasures help speed up secure application delivery. However, the framework isn't useful by itself; its helper methods and configurations only work if they are used properly.

Areas for improvement are marked with `TODO` that describe a security implementation. They should be accompanied by a comment in the codebase referencing the action needed, like `# **TODO:** sanitize input to protect against SQL injection`.
Areas that require improvement are marked with `@TODO` and describe a security implementation. They should be accompanied by a comment in the codebase referencing the action needed, like `# **@TODO:** sanitize input to protect against SQL injection`.

This document uses the Rails Guide to [Securing Rails Applications](https://guides.rubyonrails.org/security.html) to audit this project's Rails security best practices. This is meant to be a living document and should be updated as additional security tools and configurations are implemented, as well as when new vulnerabilities are discovered or introduced.

## Conforms to Best Practices
As outlined in [Securing Rails Applications](https://guides.rubyonrails.org/security.html)
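
Review bot: The marker in the second paragraph changes from `TODO` to `@TODO`, but this commit touches only the one docs file, so any codebase comments already written with the old `TODO` form will no longer match what the document tells readers to look for. Either update those comments in the same change or say that both forms are accepted. The sample comment `# **@TODO:** sanitize input to protect against SQL injection` also carries Markdown bold asterisks that mean nothing inside a source comment; `# @TODO: sanitize input to protect against SQL injection` would be copy-pasteable as is. In the first paragraph, the "which is why" clause does not follow from the sentence before it; consider splitting it into two sentences.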