WEEK 2: Build a Weak App (Development)

June 7, 2016

Understanding what a bad app looks like is key to understanding how to secure one. Knowing which mistakes can be made and how attackers take advantage of them provides practical understanding. Moving from bad security practices to good ones gives a visceral sense of what bad vs. good looks like. During this session, we intend to quickly build an app and add onto it so that poor practices become apparent. Then, during Week 3, we'll hammer on our weak apps to determine how we would do against attackers.

OBJECTIVES

During Week 2, we'll accomplish the following objectives:

  • Gain familiarity with Infrastructure as a Service
  • Understand Micro-Services
  • Develop a Bad Rails app and manually deploy to AWS

Lesson #1: Intro to Full Stack Development

During this lesson, we'll explore Software Defined Environments. We'll navigate the AWS Cloud using AWS-CLI, the AWS Console, and the AWS-SDK-Ruby gem, and build a small Ruby app to list the contents of an S3 bucket.

Lesson #2: Build a Weak Rails app

During this lesson, we'll build a weakened Rails app that you will be able to interact with, and go through the process of deploying it to AWS.

Resources