How do you do compliance checks?

kmitov · May 28, 2021, 5:48am

Context

I am taking over a project in Health Tech with some already established infrastructure. I will be leading the tech office and the first thing I want to do is to make sure we are compliant with a lot of requirements.

Question

I wanted to stay current and see if anyone here is as crazy as me to do compliance/security checks for gems and dependencies running over users data.

mark_s · May 28, 2021, 2:12pm

We use gemsurance and bundle-audit to check we are up to date on gem versions and report any CVEs

zzak · May 28, 2021, 10:16pm

Twistlock is also pretty good for ticking some of those boxes.

petrik · May 30, 2021, 8:25am

We run bundler audit and brakeman for all apps.

BathKoala · July 8, 2021, 3:47pm

Very helpful and informative. Thank for sharing this post.

Topic	Replies	Views
automating online banking login & checking for new transactions - what's best approach? (e.g. which gems/libraries etc) rubyonrails-talk	121	August 27, 2009
automating online banking login & checking for new transactions - what's best approach? (e.g. which gems/libraries etc) rubyonrails-talk	126	August 26, 2009
Auditing Ruby on Rails Application rubyonrails-docs	603	February 17, 2023
anyone using Lockdown? rubyonrails-talk	104	September 15, 2009
[Tool] An alternative to Brakeman for Security checks rubyonrails-talk announcement	608	July 20, 2023

How do you do compliance checks?

Context

Question

Related topics

More Resources