What?
Brakeman is a security scanner for Ruby on Rails applications. It looks at the source code of a Rails application for possible security flaws, such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and other problems.
Brakeman makes a report with information about the problems it has found and suggestions for how to fix them. It can also be used with Continuous Integration (CI) systems to check for vulnerabilities automatically whenever code is changed. Developers and security experts use Brakeman, an open-source tool, to help keep their Rails applications safe.
Why?
The following is a list of some of the most important aspects of Brakeman.
Automated scanning
Brakeman can be run automatically as part of a continuous integration process, making it easy to check for vulnerabilities on a regular basis as code changes are made.
Customizable rules
Brakeman comes with a set of rules that can identify a wide range of security problems. You can also make your own rules to look for specific problems or to match the security policies of your organization.
Detailed reports
Brakeman generates detailed reports that list the issues it has found and provide recommendations for how to fix them. For each issue the report also gives the file and line of code where it was found, its severity, and Brakeman's confidence that it is a true positive.
False positive management
Brakeman allows you to mark issues as false positives, so they will be ignored in future scans.
Integrations
Brakeman can be integrated with CI services such as Jenkins, Travis CI, CircleCI and GitLab CI/CD. It also has a command line interface, so it can be wired into other CI/CD tools.
Version support
Brakeman supports the latest version of Ruby on Rails and also works with older versions, back to Rails 3.
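Tying the automated scanning, detailed report and false-positive features above together, here is an added example (not code from the Brakeman project): a small Ruby gate script that reads a Brakeman JSON report, lists the findings at or above a chosen confidence level, reports how many findings were ignored as false positives, and tells the CI job whether to pass. The embedded report is a constructed sample laid out like Brakeman's JSON output (`warnings`, `ignored_warnings`, per-warning `confidence`, `file`, `line`).

```ruby
require 'json'

# Constructed sample in the layout of a Brakeman JSON report, as produced by
# e.g. `brakeman -f json -o brakeman.json --no-exit-on-warn`.
SAMPLE_REPORT = <<~JSON
{
  "warnings": [
    {"warning_type": "SQL Injection", "confidence": "High",
     "file": "app/controllers/users_controller.rb", "line": 12,
     "message": "Possible SQL injection", "fingerprint": "aaa111"},
    {"warning_type": "Cross-Site Scripting", "confidence": "Medium",
     "file": "app/views/users/show.html.erb", "line": 4,
     "message": "Unescaped model attribute", "fingerprint": "bbb222"}
  ],
  "ignored_warnings": [
    {"warning_type": "Mass Assignment", "confidence": "Weak",
     "file": "app/models/user.rb", "line": 3, "fingerprint": "ccc333"}
  ]
}
JSON

# Brakeman reports confidence as High, Medium or Weak; rank them for comparison.
CONFIDENCE_RANK = { "High" => 3, "Medium" => 2, "Weak" => 1 }.freeze

# Warnings whose confidence meets the minimum level that should block a build.
def blocking_warnings(report, min_confidence: "High")
  threshold = CONFIDENCE_RANK.fetch(min_confidence)
  report.fetch("warnings", []).select do |w|
    CONFIDENCE_RANK.fetch(w["confidence"], 0) >= threshold
  end
end

# Counts per confidence level plus the number of findings marked as false positives.
def summarize(report)
  counts = Hash.new(0)
  report.fetch("warnings", []).each { |w| counts[w["confidence"]] += 1 }
  { counts: counts, ignored: report.fetch("ignored_warnings", []).size }
end

# Gate decision: the build passes only when no blocking warning remains.
def ci_gate(json_text, min_confidence: "High")
  report = JSON.parse(json_text)
  blocking = blocking_warnings(report, min_confidence: min_confidence)
  blocking.each do |w|
    puts format("%-6s %s at %s:%d", w["confidence"], w["warning_type"], w["file"], w["line"])
  end
  summary = summarize(report)
  puts "ignored (marked as false positives): #{summary[:ignored]}"
  { pass: blocking.empty?, blocking: blocking.size, summary: summary }
end

result = ci_gate(SAMPLE_REPORT)
exit_status = result[:pass] ? 0 : 1  # a CI wrapper would `exit exit_status`
```

In a pipeline, run Brakeman with `--no-exit-on-warn` so the report is always written, then let this script's exit status decide whether the job fails.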
How?
There are a few steps you can take to configure Brakeman for a Ruby on Rails application: