Brakeman Pro 1.4.0 Released

Feb 3, 2017

We are very excited to announce the release of Brakeman Pro 1.4.0!

New in this release, you can import and export false positives, set advanced scan options, and scan applications that do not “look” like Rails apps.

We have also refactored many actions from buttons into a new menu bar. This makes it much easier to find and use Pro features.

We hope you like the new, cleaner UI!

New in Brakeman Pro Desktop:

  • Refreshed UI! Most actions have moved up to the new menu bar
  • Many scan options may now be set via the UI
  • Brakeman “ignore” files are automatically detected and can be imported
  • False positives can be exported to a Brakeman “ignore” file
  • Applications without an app directory can still be scanned

New in Brakeman Pro Engine:

  • Expanded SQL injection detection to reduce false negatives
  • Reduced SQL injection false positives
  • Expanded template scanning to templates without a specific extension
  • Improved support for Concerns
  • Reduced false positives for unescaped outputs
  • New --ensure-latest option to force use of latest version
  • New --no-summary option to hide summaries in HTML/text reports
  • Added check name to JSON and plain reports
  • Scans now fail when invalid checks are specified by -x or -t

Brakeman Pro is a static analysis security tool for Ruby on Rails applications.

Brakeman Pro can be used as a desktop application, as a Ruby Gem, and as a Code Climate engine.

Learn more!

If you have not purchased Brakeman Pro yet, you can review pricing and purchase licenses directly from our site.

Need to try before buying? Take Brakeman Pro Desktop for a spin.

Please feel free to contact us with any questions!