• How RuboCop can secure your Ruby and Rails Applications

    In the last two posts, we covered setting up bundler-audit to identify vulnerable dependencies and brakeman for static code analysis. In this post, we will focus on using RuboCop as a static code analyzer for security checks. While RuboCop is known as a linter and formatter, it also comes with some...

  • Using Brakeman to secure your Rails app

    In the last article, we talked about using bundler-audit to detect vulnerable dependencies and explored how to best resolve the issues. In this article, we will look into our first Static Application Security Testing (SAST) tool. Tools that perform static analysis scan your source code and look for certain patterns....

  • Keeping vulnerable dependencies out of your Rails App

    Not a single day passes without news coverage of yet another security incident. That makes it clear that writing secure code is an essential skill for software engineers these days. This is the first post in a 3-part series that explores using open-source tools to level up the security of...

  • Announcing Golang Support

    We are very excited to officially announce support for Go. GuardRails can now identify security issues in any Go repository on GitHub! Currently, we support the excellent tool gosec, the Golang Security Checker. To learn more about GuardRails, check out our documentation. A list of supported languages and tools can...

  • Ruby and Ruby on Rails support for GuardRails released

    We are excited to announce our latest language support. With Python and JavaScript already part of the GuardRails family, we are now adding Ruby, to fully cover the modern development stack. This allows you to have your Ruby and Rails application secured while you are working on new features. We...

  • Solidity support for GuardRails released

    GuardRails identifies security issues in JavaScript and Python, and detects secret keys in your source code. We are excited to announce our latest language support. As of today, we support scanning Ethereum smart contracts composed in Solidity. We worked closely with the team behind Mythril to ensure high-quality findings. In parallel, we...

  • Python support for GuardRails released

    We are happy to announce the release of our first language after JavaScript. From today onwards GuardRails supports Python 2.x and Python 3.x. We support Django and Flask applications to make sure your web applications are safe. Our app can handle your Python backend and machine learning projects and ensure...

  • The 5-minute conference — #1

    A summary of DevSecOps Days Singapore ‘18. TL;DR: DevSecOps is a very fast-moving field. New learnings and insights are shared on a continuous basis. Only a few people have the luxury of attending DevSecOps events though. If there aren’t any recordings of the talk, then the knowledge is not spreading....