Brakeman Pro

Updates & Media

ALL UPDATES

Brakeman Pro has been Acquired by Synopsys

Jun 28, 2018
RailsConf 2018 Impressions

Apr 24, 2018
Brakeman Pro 1.7.3 Released

Mar 24, 2018
Brakeman Pro 1.7.2 Released

Feb 22, 2018
Brakeman Pro 1.7.1 Released

Jan 10, 2018
Two Years of Brakeman Pro

Nov 15, 2017
Brakeman Pro Engine 4.0 Released

Sep 25, 2017
Cross-Site Scripting in Rails

Sep 8, 2017
Brakeman Pro 1.6.0 Released

Aug 22, 2017
Securing Rails Applications with Brakeman Pro

Jul 30, 2017
Automating Rails Security with Brakeman Pro

Jul 10, 2017
Brakeman Pro 1.5.0 Released

Jun 30, 2017
Brakeman Pro 1.4.1 Released

Mar 24, 2017
2017 Pricing Updates

Mar 1, 2017
Brakeman Pro 1.4.0 Released

Feb 3, 2017
One Year of Brakeman Pro

Nov 18, 2016
Brakeman Pro 1.3.3 Released

Nov 2, 2016
Brakeman Pro Engine Now Available on Code Climate

Oct 5, 2016
Brakeman Pro Engine is Here!

Sep 14, 2016
Brakeman Pro 1.3.2 Now Available

Sep 7, 2016
Brakeman Pro 1.3.1 Released

Aug 12, 2016
Brakeman Pro 1.3.0 Now Available

Jul 20, 2016
Brakeman Pro 1.2.2 Available

Jun 10, 2016
Brakeman Pro 1.2.1 Available

Jun 3, 2016
What Makes Brakeman Special

May 25, 2016
Brakeman Pro 1.2.0 Released!

Mar 15, 2016
Brakeman Pro 1.1.1 Now Available

Feb 3, 2016
Brakeman Pro 1.0 is Available!

Nov 18, 2015
Testing JRubyFX Applications in Docker Containers

Sep 5, 2015
Testing JRubyFX Applications with Automaton

Sep 5, 2015
What is JRubyFX?

Sep 5, 2015

Brakeman Pro 1.7.3 Released

Mar 24, 2018

In response to the Rails-related CVEs released this week, Brakeman Pro Desktop 1.7.3 and Brakeman Pro Engine 4.2.1 are now available!

Please note there have been a number of vulnerabilities in the Rails HTML sanitization methods over the years. Parsing HTML and carefully keeping only “safe” values is very difficult to do correctly all the time for all inputs.

Only use sanitization when an application must accept and render HTML from an untrusted source. Otherwise, escape outputs.

Update List:

Warn about CVE-2018-3741
Warn about CVE-2018-8048
Scan the app/jobs/ directory
Avoid warning about dynamic renders when template_exists? is used

Want to know more about Brakeman Pro?

Brakeman Pro is a static analysis security tool for Ruby on Rails applications.

Brakeman Pro can be used as a desktop application, Ruby Gem, and as a Code Climate engine.

If you have not purchased Brakeman Pro yet, you can review pricing and purchase licenses directly from our site.

Need to try before buying? Take Brakeman Pro Desktop for a spin.

Please feel free to contact us with any questions!

Brakeman Pro

Updates & Media

ALL UPDATES

Brakeman Pro has been Acquired by Synopsys

RailsConf 2018 Impressions

Brakeman Pro 1.7.3 Released

Brakeman Pro 1.7.2 Released

Brakeman Pro 1.7.1 Released

Two Years of Brakeman Pro

Brakeman Pro Engine 4.0 Released

Cross-Site Scripting in Rails

Brakeman Pro 1.6.0 Released

Securing Rails Applications with Brakeman Pro

Automating Rails Security with Brakeman Pro

Brakeman Pro 1.5.0 Released

Brakeman Pro 1.4.1 Released

2017 Pricing Updates

Brakeman Pro 1.4.0 Released

One Year of Brakeman Pro

Brakeman Pro 1.3.3 Released

Brakeman Pro Engine Now Available on Code Climate

Brakeman Pro Engine is Here!

Brakeman Pro 1.3.2 Now Available

Brakeman Pro 1.3.1 Released

Brakeman Pro 1.3.0 Now Available

Brakeman Pro 1.2.2 Available

Brakeman Pro 1.2.1 Available

What Makes Brakeman Special

Brakeman Pro 1.2.0 Released!

Brakeman Pro 1.1.1 Now Available

Brakeman Pro 1.0 is Available!

Testing JRubyFX Applications in Docker Containers

Testing JRubyFX Applications with Automaton

What is JRubyFX?

Brakeman Pro 1.7.3 Released

Mar 24, 2018

Want to know more about Brakeman Pro?

Previous post: Brakeman Pro 1.7.2 Released

Next post: RailsConf 2018 Impressions