Fuzz-Testing Rails Apps with Tarantula
Tarantula is a Rails plugin for doing easy, repeatable fuzz testing of Rails applications. Tarantula crawls your application, supplying random inputs at every turn and looking for signs of trouble. It can be used to regularly check for many kinds of error handling issues, cross-site scripting and SQL injection vulnerabilities, and more mundane things like invalid HTML. This talk will discuss how Tarantula works, how to use it, and how to make it a regular part of your testing strategy.
I'll discuss the various kinds of problems that Tarantula can help you detect. I'll explain how to install Tarantula, how to configure it for various kinds of testing, and how to interpret (and react to) its output. Finally, I'll discuss how to make it a regular part of your automated testing regimen.
About Glenn Vanderburg
Glenn Vanderburg is a principal at Relevance, where he is focused on cutting-edge software development technologies and techniques. He brings more than 20 years of experience developing software across a wide range of domains, and using a variety of tools and technologies. Glenn is always searching for ways to improve the state of software development, and was an early adopter and proponent of Ruby, Rails, and agile practices.