Rails is one of the best frameworks to build websites, it solved a lot of security issues by default, like SQL injection and Cross-Site Scripting. Still there are lots of chances to have security vulnerabilities in our application.

Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities. Unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it. Once Brakeman scans the application code, it produces a report of all security issues it has found. Brakeman requires zero setups or configuration once it is installed, what you have to do is to just run it.
We can also integrate brakeman with Jenkins by adding Brakeman plugin. For continuous testing, We can use Guard::Brakeman, which allows you to automatically run Brakeman tests when files are modified.

Installation
Using RubyGems:

1	gem install brakeman

Using Bundler, add to development group in Gemfile and set to not be required automatically:

1 2 3

group :development do gem 'brakeman', :require => false end

Running Brakeman
The simplest way to get started with Brakeman is to just run it with no options in the root directory of your Rails application:

1 2	cd your_rails_app/ brakeman

This will scan the application in the current directory and output a report to the command line.

Alternatively, you can supply a path as an option to Brakeman:

1	brakeman your_rails_app

To specify an output file for the results:

1	brakeman -o output_file

The output format is determined by the file extension or by using the -f option. Current options are: text, html, tabs, json, markdown, and csv.

Multiple output files can be specified:

1	brakeman -o output.html -o output.json

Example result : For more options and documentation, visit official site :