Security controls

Web framework security controls

JobTeaser uses modern web frameworks (e.g. Ruby on Rails, Phoenix) and makes use of their security controls to limit exposure to OWASP Top 10 security flaws. These include inherent controls that reduce our exposure to Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and SQL Injection (SQLi), among others.

Web application firewalls

A web application firewall (WAF) is used to protect JobTeaser’s public-facing applications and platform components.

Technical review of applications after platform changes

Each source code change goes through several reviews:

  • code review by two other members of the development team;
  • functional review and/or non-regression testing by the product manager or QA engineers.

Test-data protection

For development and testing environments, an anonymised subset of production data is automatically created every day and loaded into JobTeaser’s staging environment. This allows engineers to thoroughly test their releases with production-grade inputs before rolling out to the production environment.