Relevance Audits

We can typically complete an Audit within a week of the initial meeting. Pricing varies depending on the size and technical debt of your project. Please contact us for more information.

Rails Project Audit

Relevance will provide a comprehensive review of your Rails project. A typical Audit will cover the following areas:

• Development process: Story tracking, repository management, code hygiene, iteration planning, and defect tracking.
• Testing: Unit testing, functional testing, acceptance testing, continuous integration, and test coverage.
• Data: Database design, sample data, query design, and migration management.
• Code: MVC adherence, object modeling, idiomatic Ruby usage, idiomatic Rails usage, and transactional integrity.
• Deployment: Server setup, monitoring, and log management.

We generally fix a number of issues during the Audit. At the end of the Audit you will receive a detailed report detailing these fixes. The report will also cover the areas listed above, rating your project's performance to date and providing suggestions for improvement.

Rails Security Audit

Relevance's Rails Security Audit consists of five phases:

• Source Code Audit: We review your source code and identify vulnerabilities to test in subsequent phases. Key areas include input sanitization, SQL queries and sensitive data storage.
• XSS Audit: We test all endpoints exposed by the application to verify that scripts cannot be injected into the application. This reduces the risk of Cross-Site Scripting (XSS), which can expose sensitive customer data, violate privacy, and lead to further compromises.
• SQL Injection Audit: We test all endpoints exposed by the application to verify that SQL cannot be injected into the database. An SQL injection attack can expose sensitive data and corrupt the database.
• Fuzzing Audit: We crawl and index the application for fuzzing vulnerabilities. Fuzzing is an automated attack, which bombards an entire application with bad data and verifies that the application responds appropriately.
• Deployment Stack Audit: We test your production environment, examining key elements such as the operating system, web server and applicable databases.

Rails Performance Audit

Relevance will provide a comprehensive review of your Rails application's performance, including:

• Baseline Reporting: We use RPM, by New Relic, to establish a baseline understanding of the performance characteristics of your application.
• Database Analysis: We look at your database infrastructure, from installed versions of the database engine to schema decisions and everything in between.
• External Process Analysis: Are you using Solr for searching? What about ActiveMQ as a messaging infrastructure? We'll look at how your processes are managed, and the communication channels between them and your Rails application, to find drags and bottlenecks.
• Server Analysis: We study your server environment to ensure that the right tools are enabled, the wrong ones removed, and that your host is providing the right environment for your application to run in.

We generally fix a number of bottlenecks during the Audit. At the end of the Audit you will receive a detailed report of these fixes, plus any areas of concern that you need to fix.

Check out our satisfied clients or feel free to contact us for more information.