Brakeman - Brakeman Security Scanner


Secure Your Rails Applications

Brakeman is a free vulnerability scanner designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

  gem install brakeman
  brakeman
  == Brakeman Report ==

Rails-Specific

Built specifically for Ruby on Rails. Understands Rails patterns, conventions, and common vulnerability patterns.

Zero Configuration

Works out of the box with sensible defaults.

Broad Coverage

Detects SQL injection, cross-site scripting, command injection, and dozens of other vulnerability types.

Version 7.1.2

Brakeman 7.1.2 Released

December 2025 • Ruby 4.0 compatibility and fewer false positives

Dependency Updates

What's New

  • Update ruby_parser to remove max version restriction (Chedli Bourguiba)
  • Increase minimum Ruby version to 3.2.0
  • Reduce SQL injection false positives from count (and other) calls (#1936)
  • Remove more XSS false positives related to Haml attribute builder
