{"id":27097,"date":"2017-09-02T09:49:21","date_gmt":"2017-09-02T09:49:21","guid":{"rendered":"https:\/\/dev.railscarma.com\/brakeman-rails-security-scanner\/"},"modified":"2021-06-05T07:39:04","modified_gmt":"2021-06-05T07:39:04","slug":"brakeman-rails-sakerhetsskanner","status":"publish","type":"post","link":"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/brakeman-rails-sakerhetsskanner\/","title":{"rendered":"BRAKEMAN: Rails Security Scanner"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"27097\" class=\"elementor elementor-27097\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4c65517f elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4c65517f\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4346ef95\" data-id=\"4346ef95\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a740536 elementor-widget elementor-widget-text-editor\" data-id=\"5a740536\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h2>Introduktion<\/h2>\nBrakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly scans through the source code of our application which eliminates the need to set-up our whole application stack in order for using this expedient security tool.\nAfter scanning, it produces a report of all the security issues it has identified.\n<h3>F\u00f6rdelar<\/h3>\n<strong>Run It Anytime<\/strong>\nBecause all that Brakeman needs is the source code and it (Brakeman) can be run at any stage of development: We can generate a new application with rails and immediately scan it using Brakeman.\n<strong>Better Coverage<\/strong>\nIt provides more coverage to our application.\nIt checks the pages which might not be \u2018live\u2019 yet and even finds security vulnerabilities before they become exploitable.\n<strong>Speed<\/strong>\nIt is much faster than \u201cblack box\u201d website scanners which is evident from the fact that it takes very few minutes to scan very large applications.\n<h3>Limitations<\/h3>\n<strong>False Positives<\/strong>\nBeing somewhat suspicious, it runs the risk of leading to many \u201cfalse positives.\u201d\n<strong>Unusual Configurations<\/strong>\nIt assumes a \u201ctypical\u201d Rails setup. If some parts of the app do not fall under normal Rails application layout, there are high chances that, that part could be missed while scanning.\n<strong>Isn\u2019t Omniscient<\/strong>\nBrakeman cannot understand everything which is happening in the code. Sometimes, it just makes reasonable assumptions. It may miss things. It may misinterpret things. But it does try its best.\nFor Issues, check: <a href=\"https:\/\/github.com\/presidentbeef\/brakeman\/issues\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/github.com\/presidentbeef\/brakeman\/issues<\/a>\n<h3>Installing Brakeman<\/h3>\n<strong>Gem install<\/strong>\n<pre><code>gem install brakeman<\/code><\/pre>\nBrakeman gems are now signed, which means the contents of the gem can be verified using the <a href=\"https:\/\/github.com\/presidentbeef\/brakeman\/blob\/master\/brakeman-public_cert.pem\" target=\"_blank\" rel=\"noopener noreferrer\">public Brakeman certificate<\/a>.\nInclude the below certificates as \u201ctrusted\u201d to verify the gem;\n# Brakeman\n<pre><code>gem cert --add &lt;(curl -Ls https:\/\/raw.github.com\/presidentbeef\/brakeman\/master\/brakeman-public_cert.pem)<\/code><\/pre>\n# ruby_parser, etc.\n<pre><code>gem cert --add &lt;(curl -Ls http:\/\/www.zenspider.com\/~ryan\/gem-public_cert.pem)<\/code><\/pre>\n# multijson\n<pre><code>gem cert --add &lt;(curl -Ls https:\/\/raw.githubusercontent.com\/intridea\/multi_json\/master\/certs\/rwz.pem)<\/code><\/pre>\n<strong>To verify:<\/strong>\n<pre><code>gem install brakeman -P MediumSecurity<\/code><\/pre>\n<strong>bundler<\/strong>\nBrakeman can be added to a Gemfile:\n<pre><code>gem \"brakeman\", :require =&gt; false<\/code><\/pre>\n<strong>git clone<\/strong>\n<pre><code>git clone git:\/\/github.com\/presidentbeef\/brakeman.git\ncd brakeman\ngem build brakeman.gemspec\ngem install brakeman-*.gem<\/code><\/pre>\n<h3>Running Brakeman<\/h3>\nJust run it with no options in the root directory of our Ruby application:\n<pre><code>cd your_rails_app\/\nbrakeman<\/code><\/pre>\nIt scans the application and gives the output as a report to the command line.\nAlternatively, we can supply a path as an option to Brakeman:\n<pre><code>brakeman your_rails_app<\/code><\/pre>\nEven more specifically:\n<pre><code>brakeman -p your_rails_app<\/code><\/pre>\n<h3>Referenser<\/h3>\nBrakemanScanner: <a href=\"https:\/\/brakemanscanner.org\/docs\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/brakemanscanner.org\/docs\/<\/a>\nGithub: <a href=\"https:\/\/github.com\/presidentbeef\/brakeman\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/github.com\/presidentbeef\/brakeman<\/a>\nRubyGems: <a href=\"https:\/\/rubygems.org\/gems\/brakeman\/versions\/3.3.2\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/rubygems.org\/gems\/brakeman\/versions\/3.3.2<\/a>\nRailsCasts: <a href=\"http:\/\/railscasts.com\/episodes\/358-brakeman\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/railscasts.com\/episodes\/358-brakeman<\/a>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5c875cac elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5c875cac\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-18d163dd\" data-id=\"18d163dd\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-64d645 elementor-widget elementor-widget-heading\" data-id=\"64d645\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Prenumerera f\u00f6r de senaste uppdateringarna<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-463b4fcc elementor-widget elementor-widget-shortcode\" data-id=\"463b4fcc\" data-element_type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t\t\t\t<script type=\"text\/javascript\">\n\t\t\t\t\t\tvar gCaptchaSibWidget;\n                        var onloadSibCallbackInvisible = function () {\n\n                            var element = document.getElementsByClassName('sib-default-btn');\n                            var countInvisible = 0;\n                            var indexArray = [];\n                            jQuery('.sib-default-btn').each(function (index, el) {\n                                if ((jQuery(el).attr('id') == \"invisible\")) {\n                                    indexArray[countInvisible] = index;\n                                    countInvisible++\n                                }\n                            });\n\n                            jQuery('.invi-recaptcha').each(function (index, el) {\n                                grecaptcha.render(element[indexArray[index]], {\n                                    'sitekey': jQuery(el).attr('data-sitekey'),\n                                    'callback': sibVerifyCallback,\n                                });\n                            });\n                        };\n\t\t\t\t\t<\/script>\n\t\t\t\t\t                <script src=\"https:\/\/www.google.com\/recaptcha\/api.js?onload=onloadSibCallbackInvisible&render=explicit\" async defer><\/script>\n\t\t\t\t\n\t\t\t<form id=\"sib_signup_form_1\" method=\"post\" class=\"sib_signup_form\" action=\"\">\n\t\t\t\t<div class=\"sib_loader\" style=\"display:none;\"><img\n\t\t\t\t\t\t\tsrc=\"https:\/\/www.railscarma.com\/wp-includes\/images\/spinner.gif\" alt=\"lastare\"><\/div>\n\t\t\t\t<input type=\"hidden\" name=\"sib_form_action\" value=\"subscribe_form_submit\">\n\t\t\t\t<input type=\"hidden\" name=\"sib_form_id\" value=\"1\">\n                <input type=\"hidden\" name=\"sib_form_alert_notice\" value=\"Please fill out this field\">\n                <input type=\"hidden\" name=\"sib_form_invalid_email_notice\" value=\"Your email address is invalid\">\n                <input type=\"hidden\" name=\"sib_security\" value=\"d7f7626ab9\">\n\t\t\t\t<div class=\"sib_signup_box_inside_1\">\n\t\t\t\t\t<div style=\"\/*display:none*\/\" class=\"sib_msg_disp\">\n\t\t\t\t\t<\/div>\n                                            <div id=\"sib_captcha_invisible\" class=\"invi-recaptcha\" data-sitekey=\"6LdikOAaAAAAAJ6SWrrKVQrtw7TQpQAEnv0HS0G3\"><\/div>\n                    \t\t\t\t\t<p class=\"sib-email-area\">\r\n    <label class=\"sib-email-area\"><\/label>\r\n    <input type=\"email\" class=\"sib-email-area\" name=\"email\" required=\"required\" placeholder=\"E-postadress\">\r\n<\/p>\r\n<p class=\"sib-NAME-area\">\r\n    <label class=\"sib-NAME-area\"><\/label>\r\n    <input type=\"text\" class=\"sib-NAME-area\" name=\"NAME\" placeholder=\"namn\">\r\n<\/p>\r\n<p>\r\n    <input type=\"submit\" id=\"invisible\" class=\"sib-default-btn\" value=\"Prenumerera\">\r\n<\/p>\t\t\t\t<\/div>\n\t\t\t<input type=\"hidden\" name=\"trp-form-language\" value=\"sv\"\/><\/form>\n\t\t\t<style>\n\t\t\t\tform#sib_signup_form_1 p.sib-alert-message {\n    padding: 6px 12px;\n    margin-bottom: 20px;\n    border: 1px solid transparent;\n    border-radius: 4px;\n    -webkit-box-sizing: border-box;\n    -moz-box-sizing: border-box;\n    box-sizing: border-box;\n}\nform#sib_signup_form_1 p.sib-alert-message-error {\n    background-color: #f2dede;\n    border-color: #ebccd1;\n    color: #a94442;\n}\nform#sib_signup_form_1 p.sib-alert-message-success {\n    background-color: #dff0d8;\n    border-color: #d6e9c6;\n    color: #3c763d;\n}\nform#sib_signup_form_1 p.sib-alert-message-warning {\n    background-color: #fcf8e3;\n    border-color: #faebcc;\n    color: #8a6d3b;\n}\n\t\t\t<\/style>\n\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t  <div class=\"related-post slider\">\r\n        <div class=\"headline\">relaterade inl\u00e4gg<\/div>\r\n    <div class=\"post-list owl-carousel\">\r\n\r\n            <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Kaminari Gem\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/kaminari-parla\/?related_post_from=37277\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"kaminari p\u00e4rla\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2023\/04\/kaminari-gem-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Kaminari Gem\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/kaminari-parla\/?related_post_from=37277\">\r\n        Kaminari Gem  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Varf\u00f6r anst\u00e4lla Ruby on Rails-utvecklare 2026?\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/ror\/varfor-anlita-utvecklare-av-ruby-on-rails\/?related_post_from=30627\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022.jpg\" class=\"attachment-full size-full wp-post-image\" alt=\"varf\u00f6r anlita utvecklare av ruby on rails 2022\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022.jpg 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022-300x113.jpg 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2019\/01\/why-to-hire-ruby-on-rails-developers-in-2022-768x288.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Varf\u00f6r anst\u00e4lla Ruby on Rails-utvecklare 2026?\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/ror\/varfor-anlita-utvecklare-av-ruby-on-rails\/?related_post_from=30627\">\r\n        Varf\u00f6r anst\u00e4lla Ruby on Rails-utvecklare 2026?  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Dataskrapning i skenor genom att bearbeta CSV\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/dataskrapning-i-skenor-genom-att-bearbeta-csv\/?related_post_from=31591\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/09\/DATA-SCRAPING-IN-RAILS-BY-PROCESSING-CSV.png\" class=\"attachment-full size-full wp-post-image\" alt=\"\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/09\/DATA-SCRAPING-IN-RAILS-BY-PROCESSING-CSV.png 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/09\/DATA-SCRAPING-IN-RAILS-BY-PROCESSING-CSV-300x113.png 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/09\/DATA-SCRAPING-IN-RAILS-BY-PROCESSING-CSV-768x288.png 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Dataskrapning i skenor genom att bearbeta CSV\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/dataskrapning-i-skenor-genom-att-bearbeta-csv\/?related_post_from=31591\">\r\n        Dataskrapning i skenor genom att bearbeta CSV  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Ring r\u00f6stsamtal genom Ruby on Rails webbapplikationer\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/ringa-rostsamtal-genom-ruby-on-rails-webbapplikationer\/?related_post_from=31309\">\r\n\r\n      <img decoding=\"async\" width=\"800\" height=\"300\" src=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/07\/MAKE-VOICE-CALLS-THROUGH-RUBY-ON-RAILS-WEB-APPLICATIONS.png\" class=\"attachment-full size-full wp-post-image\" alt=\"\" srcset=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/07\/MAKE-VOICE-CALLS-THROUGH-RUBY-ON-RAILS-WEB-APPLICATIONS.png 800w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/07\/MAKE-VOICE-CALLS-THROUGH-RUBY-ON-RAILS-WEB-APPLICATIONS-300x113.png 300w, https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/07\/MAKE-VOICE-CALLS-THROUGH-RUBY-ON-RAILS-WEB-APPLICATIONS-768x288.png 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Ring r\u00f6stsamtal genom Ruby on Rails webbapplikationer\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/ringa-rostsamtal-genom-ruby-on-rails-webbapplikationer\/?related_post_from=31309\">\r\n        Ring r\u00f6stsamtal genom Ruby on Rails webbapplikationer  <\/a>\r\n\r\n        <\/div>\r\n      \r\n  <\/div>\r\n\r\n  <script>\r\n      <\/script>\r\n  <style>\r\n    .related-post {}\r\n\r\n    .related-post .post-list {\r\n      text-align: left;\r\n          }\r\n\r\n    .related-post .post-list .item {\r\n      margin: 10px;\r\n      padding: 10px;\r\n          }\r\n\r\n    .related-post .headline {\r\n      font-size: 14px !important;\r\n      color: #999999 !important;\r\n          }\r\n\r\n    .related-post .post-list .item .post_thumb {\r\n      max-height: 220px;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n          }\r\n\r\n    .related-post .post-list .item .post_title {\r\n      font-size: 14px;\r\n      color: #000000;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    .related-post .post-list .item .post_excerpt {\r\n      font-size: 12px;\r\n      color: #3f3f3f;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    .related-post .owl-dots .owl-dot {\r\n          }\r\n\r\n      <\/style>\r\n      <script>\r\n      jQuery(document).ready(function($) {\r\n        $(\".related-post .post-list\").owlCarousel({\r\n          items: 2,\r\n          responsiveClass: true,\r\n          responsive: {\r\n            0: {\r\n              items: 1,\r\n            },\r\n            768: {\r\n              items: 2,\r\n            },\r\n            1200: {\r\n              items: 2,\r\n            }\r\n          },\r\n                      rewind: true,\r\n                                loop: true,\r\n                                center: false,\r\n                                autoplay: true,\r\n            autoplayHoverPause: true,\r\n                                nav: true,\r\n            navSpeed: 1000,\r\n            navText: ['<i class=\"fas fa-chevron-left\"><\/i>', '<i class=\"fas fa-chevron-right\"><\/i>'],\r\n                                dots: false,\r\n            dotsSpeed: 1200,\r\n                                                    rtl: false,\r\n          \r\n        });\r\n      });\r\n    <\/script>\r\n  <\/div>","protected":false},"excerpt":{"rendered":"<p>Introduction Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly scans through the source code of our application which eliminates the need to set-up our whole application stack in order for using this expedient security tool. After scanning, it produces a report of &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/third-party-api-integration-solutions-in-ruby-on-rails\/\"> <span class=\"screen-reader-text\">L\u00f6sningar f\u00f6r API-integration fr\u00e5n tredje part i Ruby on Rails<\/span> L\u00e4s mer \u00bb<\/a><\/p>","protected":false},"author":1,"featured_media":31728,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[384],"tags":[382,693],"class_list":["post-27097","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technical-articles","tag-ruby-on-rails","tag-ruby-on-rails-company"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>BRAKEMAN: Rails Security Scanner - RailsCarma - Ruby on Rails Development Company specializing in Offshore Development<\/title>\n<meta name=\"description\" content=\"Introduction Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/brakeman-rails-sakerhetsskanner\/\" \/>\n<meta property=\"og:locale\" content=\"sv_SE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"BRAKEMAN: Rails Security Scanner - RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\" \/>\n<meta property=\"og:description\" content=\"Introduction Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/brakeman-rails-sakerhetsskanner\/\" \/>\n<meta property=\"og:site_name\" content=\"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/RailsCarma\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-09-02T09:49:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-05T07:39:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@railscarma\" \/>\n<meta name=\"twitter:site\" content=\"@railscarma\" \/>\n<meta name=\"twitter:label1\" content=\"Skriven av\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Ber\u00e4knad l\u00e4stid\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuter\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21\"},\"headline\":\"BRAKEMAN: Rails Security Scanner\",\"datePublished\":\"2017-09-02T09:49:21+00:00\",\"dateModified\":\"2021-06-05T07:39:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/\"},\"wordCount\":379,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.railscarma.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg\",\"keywords\":[\"Ruby on rails\",\"Ruby on Rails Company\"],\"articleSection\":[\"Technical Articles\"],\"inLanguage\":\"sv-SE\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/\",\"url\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/\",\"name\":\"BRAKEMAN: Rails Security Scanner - RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\",\"isPartOf\":{\"@id\":\"https:\/\/www.railscarma.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg\",\"datePublished\":\"2017-09-02T09:49:21+00:00\",\"dateModified\":\"2021-06-05T07:39:04+00:00\",\"description\":\"Introduction Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly\",\"breadcrumb\":{\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#breadcrumb\"},\"inLanguage\":\"sv-SE\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"sv-SE\",\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage\",\"url\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg\",\"contentUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg\",\"width\":800,\"height\":300},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.railscarma.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"BRAKEMAN: Rails Security Scanner\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.railscarma.com\/#website\",\"url\":\"https:\/\/www.railscarma.com\/\",\"name\":\"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development\",\"description\":\"RailsCarma is a Ruby on Rails Development Company in Bangalore. We specialize in Offshore Ruby on Rails Development based out in USA and India. Hire experienced Ruby on Rails developers for the ultimate Web Experience.\",\"publisher\":{\"@id\":\"https:\/\/www.railscarma.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.railscarma.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"sv-SE\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.railscarma.com\/#organization\",\"name\":\"RailsCarma\",\"url\":\"https:\/\/www.railscarma.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"sv-SE\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png\",\"contentUrl\":\"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png\",\"width\":200,\"height\":46,\"caption\":\"RailsCarma\"},\"image\":{\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/RailsCarma\/\",\"https:\/\/x.com\/railscarma\",\"https:\/\/www.linkedin.com\/company\/railscarma\/\",\"https:\/\/myspace.com\/railscarma\",\"https:\/\/in.pinterest.com\/railscarma\/\",\"https:\/\/www.youtube.com\/channel\/UCx3Wil-aAnDARuatTEyMdpg\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"sv-SE\",\"@id\":\"https:\/\/www.railscarma.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/www.railscarma.com\/hire-ruby-on-rails-developer\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"BRAKEMAN: Rails Security Scanner - RailsCarma - Ruby on Rails Development Company specializing in Offshore Development","description":"Introduction Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/brakeman-rails-sakerhetsskanner\/","og_locale":"sv_SE","og_type":"article","og_title":"BRAKEMAN: Rails Security Scanner - RailsCarma - Ruby on Rails Development Company specializing in Offshore Development","og_description":"Introduction Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly","og_url":"https:\/\/www.railscarma.com\/sv\/blogg\/tekniska-artiklar\/brakeman-rails-sakerhetsskanner\/","og_site_name":"RailsCarma - Ruby on Rails Development Company specializing in Offshore Development","article_publisher":"https:\/\/www.facebook.com\/RailsCarma\/","article_published_time":"2017-09-02T09:49:21+00:00","article_modified_time":"2021-06-05T07:39:04+00:00","og_image":[{"width":800,"height":300,"url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_creator":"@railscarma","twitter_site":"@railscarma","twitter_misc":{"Skriven av":"admin","Ber\u00e4knad l\u00e4stid":"2 minuter"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#article","isPartOf":{"@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/"},"author":{"name":"admin","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21"},"headline":"BRAKEMAN: Rails Security Scanner","datePublished":"2017-09-02T09:49:21+00:00","dateModified":"2021-06-05T07:39:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/"},"wordCount":379,"commentCount":0,"publisher":{"@id":"https:\/\/www.railscarma.com\/#organization"},"image":{"@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage"},"thumbnailUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg","keywords":["Ruby on rails","Ruby on Rails Company"],"articleSection":["Technical Articles"],"inLanguage":"sv-SE","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/","url":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/","name":"BRAKEMAN: Rails Security Scanner - RailsCarma - Ruby on Rails Development Company specializing in Offshore Development","isPartOf":{"@id":"https:\/\/www.railscarma.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage"},"image":{"@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage"},"thumbnailUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg","datePublished":"2017-09-02T09:49:21+00:00","dateModified":"2021-06-05T07:39:04+00:00","description":"Introduction Brakeman is a security scanner and it detects security vulnerabilities in Rails applications with the help of static analysis. It directly","breadcrumb":{"@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#breadcrumb"},"inLanguage":"sv-SE","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/"]}]},{"@type":"ImageObject","inLanguage":"sv-SE","@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#primaryimage","url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg","contentUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2017\/09\/Brakeman.jpg","width":800,"height":300},{"@type":"BreadcrumbList","@id":"https:\/\/www.railscarma.com\/fr\/blog\/technical-articles\/scanner-de-securite-des-rails-du-serre-frein\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.railscarma.com\/"},{"@type":"ListItem","position":2,"name":"BRAKEMAN: Rails Security Scanner"}]},{"@type":"WebSite","@id":"https:\/\/www.railscarma.com\/#website","url":"https:\/\/www.railscarma.com\/","name":"RailsCarma - Ruby on Rails Development Company specialiserat p\u00e5 Offshore Development","description":"RailsCarma \u00e4r ett Ruby on Rails Development Company i Bangalore. Vi \u00e4r specialiserade p\u00e5 Offshore Ruby on Rails Development baserat i USA och Indien. Anst\u00e4ll erfarna Ruby on Rails-utvecklare f\u00f6r den ultimata webbupplevelsen.","publisher":{"@id":"https:\/\/www.railscarma.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.railscarma.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"sv-SE"},{"@type":"Organization","@id":"https:\/\/www.railscarma.com\/#organization","name":"RailsCarma","url":"https:\/\/www.railscarma.com\/","logo":{"@type":"ImageObject","inLanguage":"sv-SE","@id":"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png","contentUrl":"https:\/\/www.railscarma.com\/wp-content\/uploads\/2020\/08\/railscarma_logo.png","width":200,"height":46,"caption":"RailsCarma"},"image":{"@id":"https:\/\/www.railscarma.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/RailsCarma\/","https:\/\/x.com\/railscarma","https:\/\/www.linkedin.com\/company\/railscarma\/","https:\/\/myspace.com\/railscarma","https:\/\/in.pinterest.com\/railscarma\/","https:\/\/www.youtube.com\/channel\/UCx3Wil-aAnDARuatTEyMdpg"]},{"@type":"Person","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/5f2228a2dec7549056e709de6eb85d21","name":"administration","image":{"@type":"ImageObject","inLanguage":"sv-SE","@id":"https:\/\/www.railscarma.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/308867ca6c81f3aba146080c601000087180326f752c4116849ea9f514c6a4fa?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/www.railscarma.com\/hire-ruby-on-rails-developer\/"]}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/posts\/27097","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/comments?post=27097"}],"version-history":[{"count":0,"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/posts\/27097\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/media\/31728"}],"wp:attachment":[{"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/media?parent=27097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/categories?post=27097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.railscarma.com\/sv\/wp-json\/wp\/v2\/tags?post=27097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}