SlideShare a Scribd company logo
Security On Rails
David Paluy
October 2012
"Ruby is simple in appearance,
  but is very complex inside,
  just like our human body."

  Yukihiro "matz" Matsumoto
Agenda

●   Session Hijacking
●   CSRF
●   Mass Assignment
●   SQL Injection
Websites are all about
      the data!
When is a user not a user?
You have no way of knowing
who or where the data that hits
  your application is coming
             from.
Session Hijacking
Session Hijacking
●   Sniff the cookie in an insecure network.
●   Most people don’t clear out the cookies after
    working at a public terminal
●   Cross-Site Scripting (XSS)
●   CSS Injection
●   Header Injection
config.force_ssl = true

●   If you have http assets on an https page, the
    user’s browser will display a mixed-content
    warning in the browser bar.

●   Rails does most of the work for you, but if you
    have any hard-coded “http://” internal-links or
    images, make sure you change them.
Session Expiry

class Session < ActiveRecord::Base
 def self.sweep(time = 1.hour)
  if time.is_a?(String)
   time = time.split.inject { |count, unit| count.to_i.send(unit) }
  end
  delete_all "updated_at < '#{time.ago.to_s(:db)}' OR
       created_at < '#{2.days.ago.to_s(:db)}'"
 end
end
Provide the user with a log-out
button in the web application,
   and make it prominent.
XSS Countermeasures

strip_tags("some<<b>script>alert('hello')<</b>/script>")
RESULT: some<script>alert(‘hello’)</script>


<%= h post.text %>


<%= sanitize @article.body %>
view SanitizeHelper
CSS Injection

●   <div style="background:url('javascript:alert(1)')">
●   alert(eval('document.body.inne' + 'rHTML'));
Header Injection

redirect_to params[:referer]
http://www.yourapplication.com/controller/action?
referer=http://www.malicious.tld



Make sure you do it yourself when you
build other header fields with user input.
Session Storage

config.action_dispatch.session = {
    :key   => '_app_session',
    :secret => '0dkfj3927dkc7djdh36rkckdfzsg...'
}
Cross-Site Request Forgery (CSRF)




            Most Rails applications use cookie-based sessions
CSRF Countermeasures
    Be RESTful
    Use GET if:
●   The interaction is more like a question (i.e., it is a safe operation such as a
    query, read operation, or lookup).


    Use POST if:
●   The interaction is more like an order, or
●   The interaction changes the state of the resource in a way that the user
    would perceive (e.g., a subscription to a service), or
●   The user is held accountable for the results of the interaction.


       protect_from_forgery :secret => "123456789012345678901234567890..."
Mass Assignment




attr_accessible :name
attr_accessible :is_admin, :as => :admin
Mass Assignment
SQL Injection

●   Project.where("name = '#{params[:name]}'")
    SELECT * FROM projects WHERE name = '' OR 1'


●   User.first("login = '#{params[:name]}' AND
    password = '#{params[:password]}'")
    SELECT * FROM users WHERE login = '' OR '1'='1' AND
                              password = '' OR '2'>'1' LIMIT 1
SQL Injection Countermeasures

●   Model.where("login = ? AND password = ?",
    entered_user_name, entered_password).first

●   Model.where(:login => entered_user_name,
         :password => entered_password).first
Tools

●   Brakeman - A static analysis security
    vulnerability scanner for Ruby on Rails
    applications
●   RoRSecurity – explore Rails security
●   Techniques to Secure your Website with RoR
Summary


The security landscape shifts and
 it is important to keep up to date,
because missing a new vulnerability
         can be catastrophic.
Ad

More Related Content

What's hot (20)

Javaland 2017: "You´ll do microservices now". Now what?
Javaland 2017: "You´ll do microservices now". Now what?Javaland 2017: "You´ll do microservices now". Now what?
Javaland 2017: "You´ll do microservices now". Now what?
André Goliath
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
André Goliath
 
Das kannste schon so machen
Das kannste schon so machenDas kannste schon so machen
Das kannste schon so machen
André Goliath
 
Getting started with angular js
Getting started with angular jsGetting started with angular js
Getting started with angular js
Maurice De Beijer [MVP]
 
webcomponents (Jfokus 2015)
webcomponents (Jfokus 2015)webcomponents (Jfokus 2015)
webcomponents (Jfokus 2015)
Hendrik Ebbers
 
Our application got popular and now it breaks
Our application got popular and now it breaksOur application got popular and now it breaks
Our application got popular and now it breaks
ColdFusionConference
 
Authenticating and Securing Node.js APIs
Authenticating and Securing Node.js APIsAuthenticating and Securing Node.js APIs
Authenticating and Securing Node.js APIs
Jimmy Guerrero
 
Building Layers of Defense with Spring Security
Building Layers of Defense with Spring SecurityBuilding Layers of Defense with Spring Security
Building Layers of Defense with Spring Security
Joris Kuipers
 
OWASP SF - Reviewing Modern JavaScript Applications
OWASP SF - Reviewing Modern JavaScript ApplicationsOWASP SF - Reviewing Modern JavaScript Applications
OWASP SF - Reviewing Modern JavaScript Applications
Lewis Ardern
 
Cross Site Scripting (XSS) Defense with Java
Cross Site Scripting (XSS) Defense with JavaCross Site Scripting (XSS) Defense with Java
Cross Site Scripting (XSS) Defense with Java
Jim Manico
 
Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5
Jim Manico
 
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
Atlassian
 
Design & Development of Web Applications using SpringMVC
Design & Development of Web Applications using SpringMVC Design & Development of Web Applications using SpringMVC
Design & Development of Web Applications using SpringMVC
Naresh Chintalcheru
 
Cutting the Fat
Cutting the FatCutting the Fat
Cutting the Fat
Codemotion
 
XSS Magic tricks
XSS Magic tricksXSS Magic tricks
XSS Magic tricks
GarethHeyes
 
Azure Container Apps
Azure Container AppsAzure Container Apps
Azure Container Apps
ICS
 
The Future of CSS with Web Components
The Future of CSS with Web ComponentsThe Future of CSS with Web Components
The Future of CSS with Web Components
ColdFusionConference
 
Mvvm knockout vs angular
Mvvm knockout vs angularMvvm knockout vs angular
Mvvm knockout vs angular
Basarat Syed
 
An Introduction to webOS
An Introduction to webOSAn Introduction to webOS
An Introduction to webOS
Kevin Decker
 
Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...
Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...
Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...
MUG-Lyon Microsoft User Group
 
Javaland 2017: "You´ll do microservices now". Now what?
Javaland 2017: "You´ll do microservices now". Now what?Javaland 2017: "You´ll do microservices now". Now what?
Javaland 2017: "You´ll do microservices now". Now what?
André Goliath
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
André Goliath
 
Das kannste schon so machen
Das kannste schon so machenDas kannste schon so machen
Das kannste schon so machen
André Goliath
 
webcomponents (Jfokus 2015)
webcomponents (Jfokus 2015)webcomponents (Jfokus 2015)
webcomponents (Jfokus 2015)
Hendrik Ebbers
 
Our application got popular and now it breaks
Our application got popular and now it breaksOur application got popular and now it breaks
Our application got popular and now it breaks
ColdFusionConference
 
Authenticating and Securing Node.js APIs
Authenticating and Securing Node.js APIsAuthenticating and Securing Node.js APIs
Authenticating and Securing Node.js APIs
Jimmy Guerrero
 
Building Layers of Defense with Spring Security
Building Layers of Defense with Spring SecurityBuilding Layers of Defense with Spring Security
Building Layers of Defense with Spring Security
Joris Kuipers
 
OWASP SF - Reviewing Modern JavaScript Applications
OWASP SF - Reviewing Modern JavaScript ApplicationsOWASP SF - Reviewing Modern JavaScript Applications
OWASP SF - Reviewing Modern JavaScript Applications
Lewis Ardern
 
Cross Site Scripting (XSS) Defense with Java
Cross Site Scripting (XSS) Defense with JavaCross Site Scripting (XSS) Defense with Java
Cross Site Scripting (XSS) Defense with Java
Jim Manico
 
Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5
Jim Manico
 
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
Atlassian
 
Design & Development of Web Applications using SpringMVC
Design & Development of Web Applications using SpringMVC Design & Development of Web Applications using SpringMVC
Design & Development of Web Applications using SpringMVC
Naresh Chintalcheru
 
Cutting the Fat
Cutting the FatCutting the Fat
Cutting the Fat
Codemotion
 
XSS Magic tricks
XSS Magic tricksXSS Magic tricks
XSS Magic tricks
GarethHeyes
 
Azure Container Apps
Azure Container AppsAzure Container Apps
Azure Container Apps
ICS
 
The Future of CSS with Web Components
The Future of CSS with Web ComponentsThe Future of CSS with Web Components
The Future of CSS with Web Components
ColdFusionConference
 
Mvvm knockout vs angular
Mvvm knockout vs angularMvvm knockout vs angular
Mvvm knockout vs angular
Basarat Syed
 
An Introduction to webOS
An Introduction to webOSAn Introduction to webOS
An Introduction to webOS
Kevin Decker
 
Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...
Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...
Global Windows Azure Bootcamp : Cedric Derue playing with php on azure. (spon...
MUG-Lyon Microsoft User Group
 

Similar to Security on Rails (20)

Security in Node.JS and Express:
Security in Node.JS and Express:Security in Node.JS and Express:
Security in Node.JS and Express:
Petros Demetrakopoulos
 
Neoito — Secure coding practices
Neoito — Secure coding practicesNeoito — Secure coding practices
Neoito — Secure coding practices
Neoito
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA Testers
Javan Rasokat
 
Rails Security
Rails SecurityRails Security
Rails Security
Wen-Tien Chang
 
Breaking Bad CSP
Breaking Bad CSPBreaking Bad CSP
Breaking Bad CSP
Lukas Weichselbaum
 
DevOps and the Future of Enterprise Security
DevOps and the Future of Enterprise SecurityDevOps and the Future of Enterprise Security
DevOps and the Future of Enterprise Security
Frank Kim
 
JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks
JSMVCOMFG - To sternly look at JavaScript MVC and Templating FrameworksJSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks
JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks
Mario Heiderich
 
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
Grand Parade Poland
 
09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)
09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)
09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)
Igor Bronovskyy
 
ASP.NET Web Security
ASP.NET Web SecurityASP.NET Web Security
ASP.NET Web Security
SharePointRadi
 
Whatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the processWhatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the process
guest3379bd
 
StHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFG
StHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFGStHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFG
StHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFG
StHack
 
Hunting Security Bugs in Modern Web Applications
Hunting Security Bugs in Modern Web ApplicationsHunting Security Bugs in Modern Web Applications
Hunting Security Bugs in Modern Web Applications
Toe Khaing
 
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web InterfacesThey Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
michelemanzotti
 
手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務
Mu Chun Wang
 
Hackers vs developers
Hackers vs developersHackers vs developers
Hackers vs developers
Soumyasanto Sen
 
Web Security 101
Web Security 101Web Security 101
Web Security 101
Michael Peters
 
Application Security around OWASP Top 10
Application Security around OWASP Top 10Application Security around OWASP Top 10
Application Security around OWASP Top 10
Sastry Tumuluri
 
Web Apps Security
Web Apps SecurityWeb Apps Security
Web Apps Security
Victor Bucutea
 
Reviewing AngularJS
Reviewing AngularJSReviewing AngularJS
Reviewing AngularJS
Lewis Ardern
 
Neoito — Secure coding practices
Neoito — Secure coding practicesNeoito — Secure coding practices
Neoito — Secure coding practices
Neoito
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA Testers
Javan Rasokat
 
DevOps and the Future of Enterprise Security
DevOps and the Future of Enterprise SecurityDevOps and the Future of Enterprise Security
DevOps and the Future of Enterprise Security
Frank Kim
 
JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks
JSMVCOMFG - To sternly look at JavaScript MVC and Templating FrameworksJSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks
JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks
Mario Heiderich
 
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
Grand Parade Poland
 
09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)
09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)
09 - express nodes on the right angle - vitaliy basyuk - it event 2013 (5)
Igor Bronovskyy
 
Whatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the processWhatever it takes - Fixing SQLIA and XSS in the process
Whatever it takes - Fixing SQLIA and XSS in the process
guest3379bd
 
StHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFG
StHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFGStHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFG
StHack 2014 - Mario "@0x6D6172696F" Heiderich - JSMVCOMFG
StHack
 
Hunting Security Bugs in Modern Web Applications
Hunting Security Bugs in Modern Web ApplicationsHunting Security Bugs in Modern Web Applications
Hunting Security Bugs in Modern Web Applications
Toe Khaing
 
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web InterfacesThey Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
michelemanzotti
 
手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務手把手教你如何串接 Log 到各種網路服務
手把手教你如何串接 Log 到各種網路服務
Mu Chun Wang
 
Application Security around OWASP Top 10
Application Security around OWASP Top 10Application Security around OWASP Top 10
Application Security around OWASP Top 10
Sastry Tumuluri
 
Reviewing AngularJS
Reviewing AngularJSReviewing AngularJS
Reviewing AngularJS
Lewis Ardern
 
Ad

More from David Paluy (15)

Intro to Smart Contracts
Intro to Smart ContractsIntro to Smart Contracts
Intro to Smart Contracts
David Paluy
 
Decentralizing Everything with Blockchain
Decentralizing Everything with BlockchainDecentralizing Everything with Blockchain
Decentralizing Everything with Blockchain
David Paluy
 
Testing with Rspec 3
Testing with Rspec 3Testing with Rspec 3
Testing with Rspec 3
David Paluy
 
Continuous integration for Ruby on Rails
Continuous integration for Ruby on RailsContinuous integration for Ruby on Rails
Continuous integration for Ruby on Rails
David Paluy
 
Tdd - Test Driven Development
Tdd - Test Driven DevelopmentTdd - Test Driven Development
Tdd - Test Driven Development
David Paluy
 
Knowledge sharing at MESH
Knowledge sharing at MESHKnowledge sharing at MESH
Knowledge sharing at MESH
David Paluy
 
Juicy Ruby 2.1
Juicy Ruby 2.1Juicy Ruby 2.1
Juicy Ruby 2.1
David Paluy
 
The Secret: How Programmers Develop Code
The Secret: How Programmers Develop CodeThe Secret: How Programmers Develop Code
The Secret: How Programmers Develop Code
David Paluy
 
Tools to help you understand other people's code
Tools to help you understand other people's codeTools to help you understand other people's code
Tools to help you understand other people's code
David Paluy
 
Debugging and Profiling Rails Application
Debugging and Profiling Rails ApplicationDebugging and Profiling Rails Application
Debugging and Profiling Rails Application
David Paluy
 
Ruby On Rails coding conventions, standards and best practices
Ruby On Rails coding conventions, standards and best practicesRuby On Rails coding conventions, standards and best practices
Ruby On Rails coding conventions, standards and best practices
David Paluy
 
Git flow Introduction
Git flow IntroductionGit flow Introduction
Git flow Introduction
David Paluy
 
Faster on Rails
Faster on RailsFaster on Rails
Faster on Rails
David Paluy
 
Howto prepare fund raising presentation
Howto prepare fund raising presentationHowto prepare fund raising presentation
Howto prepare fund raising presentation
David Paluy
 
Test driven-development
Test driven-developmentTest driven-development
Test driven-development
David Paluy
 
Intro to Smart Contracts
Intro to Smart ContractsIntro to Smart Contracts
Intro to Smart Contracts
David Paluy
 
Decentralizing Everything with Blockchain
Decentralizing Everything with BlockchainDecentralizing Everything with Blockchain
Decentralizing Everything with Blockchain
David Paluy
 
Testing with Rspec 3
Testing with Rspec 3Testing with Rspec 3
Testing with Rspec 3
David Paluy
 
Continuous integration for Ruby on Rails
Continuous integration for Ruby on RailsContinuous integration for Ruby on Rails
Continuous integration for Ruby on Rails
David Paluy
 
Tdd - Test Driven Development
Tdd - Test Driven DevelopmentTdd - Test Driven Development
Tdd - Test Driven Development
David Paluy
 
Knowledge sharing at MESH
Knowledge sharing at MESHKnowledge sharing at MESH
Knowledge sharing at MESH
David Paluy
 
The Secret: How Programmers Develop Code
The Secret: How Programmers Develop CodeThe Secret: How Programmers Develop Code
The Secret: How Programmers Develop Code
David Paluy
 
Tools to help you understand other people's code
Tools to help you understand other people's codeTools to help you understand other people's code
Tools to help you understand other people's code
David Paluy
 
Debugging and Profiling Rails Application
Debugging and Profiling Rails ApplicationDebugging and Profiling Rails Application
Debugging and Profiling Rails Application
David Paluy
 
Ruby On Rails coding conventions, standards and best practices
Ruby On Rails coding conventions, standards and best practicesRuby On Rails coding conventions, standards and best practices
Ruby On Rails coding conventions, standards and best practices
David Paluy
 
Git flow Introduction
Git flow IntroductionGit flow Introduction
Git flow Introduction
David Paluy
 
Howto prepare fund raising presentation
Howto prepare fund raising presentationHowto prepare fund raising presentation
Howto prepare fund raising presentation
David Paluy
 
Test driven-development
Test driven-developmentTest driven-development
Test driven-development
David Paluy
 
Ad

Recently uploaded (13)

Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...
Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...
Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...
leonardoquispeyapu6
 
Pengenalan Berpikir Kritis Critical_Thinking_Intro.pptx
Pengenalan Berpikir Kritis Critical_Thinking_Intro.pptxPengenalan Berpikir Kritis Critical_Thinking_Intro.pptx
Pengenalan Berpikir Kritis Critical_Thinking_Intro.pptx
JabbarAPanggabean
 
CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...
CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...
CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...
johnmeynardbautista9
 
Embracing Adaptability (setback) - Istvan Patzay
Embracing Adaptability (setback) - Istvan PatzayEmbracing Adaptability (setback) - Istvan Patzay
Embracing Adaptability (setback) - Istvan Patzay
isti84
 
Erikson’s theory , 8-stages of life , their importance
Erikson’s theory , 8-stages of life , their importanceErikson’s theory , 8-stages of life , their importance
Erikson’s theory , 8-stages of life , their importance
uf415127
 
crucial-conversations-training-powerpoint.pptx
crucial-conversations-training-powerpoint.pptxcrucial-conversations-training-powerpoint.pptx
crucial-conversations-training-powerpoint.pptx
vikramdas40
 
Cognitive development revised - Copy.ppt
Cognitive development revised - Copy.pptCognitive development revised - Copy.ppt
Cognitive development revised - Copy.ppt
MasahiroNagasawa1
 
How to Prepare for and Survive a Power Outage
How to Prepare for and Survive a Power OutageHow to Prepare for and Survive a Power Outage
How to Prepare for and Survive a Power Outage
Bob Mayer
 
Emotions and emotional intelligence skills
Emotions and emotional intelligence skillsEmotions and emotional intelligence skills
Emotions and emotional intelligence skills
DRKAMINIBHASIN
 
Unlocking the Secrets of Love: The Science Behind Heartfelt Connections
Unlocking the Secrets of Love: The Science Behind Heartfelt ConnectionsUnlocking the Secrets of Love: The Science Behind Heartfelt Connections
Unlocking the Secrets of Love: The Science Behind Heartfelt Connections
Vikash Gautam
 
ee case study and evaluation of biodiesel
ee case study and evaluation of biodieselee case study and evaluation of biodiesel
ee case study and evaluation of biodiesel
SwaroopDalvi
 
Violence against women , finding from the 2008 national demografic
Violence against women , finding from the 2008 national demograficViolence against women , finding from the 2008 national demografic
Violence against women , finding from the 2008 national demografic
oppateamo1234
 
Sentence-Errors.pptxssssssssssssssssssss
Sentence-Errors.pptxssssssssssssssssssssSentence-Errors.pptxssssssssssssssssssss
Sentence-Errors.pptxssssssssssssssssssss
rexjosiahzosa
 
Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...
Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...
Spain is a country in southwestern Europe, located on the Iberian Peninsula. ...
leonardoquispeyapu6
 
Pengenalan Berpikir Kritis Critical_Thinking_Intro.pptx
Pengenalan Berpikir Kritis Critical_Thinking_Intro.pptxPengenalan Berpikir Kritis Critical_Thinking_Intro.pptx
Pengenalan Berpikir Kritis Critical_Thinking_Intro.pptx
JabbarAPanggabean
 
CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...
CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...
CUTS Report by JOHN MEYNARD BARRUGA BAUTISTA, SHENE MERRYLAND BAUTISTA, AND A...
johnmeynardbautista9
 
Embracing Adaptability (setback) - Istvan Patzay
Embracing Adaptability (setback) - Istvan PatzayEmbracing Adaptability (setback) - Istvan Patzay
Embracing Adaptability (setback) - Istvan Patzay
isti84
 
Erikson’s theory , 8-stages of life , their importance
Erikson’s theory , 8-stages of life , their importanceErikson’s theory , 8-stages of life , their importance
Erikson’s theory , 8-stages of life , their importance
uf415127
 
crucial-conversations-training-powerpoint.pptx
crucial-conversations-training-powerpoint.pptxcrucial-conversations-training-powerpoint.pptx
crucial-conversations-training-powerpoint.pptx
vikramdas40
 
Cognitive development revised - Copy.ppt
Cognitive development revised - Copy.pptCognitive development revised - Copy.ppt
Cognitive development revised - Copy.ppt
MasahiroNagasawa1
 
How to Prepare for and Survive a Power Outage
How to Prepare for and Survive a Power OutageHow to Prepare for and Survive a Power Outage
How to Prepare for and Survive a Power Outage
Bob Mayer
 
Emotions and emotional intelligence skills
Emotions and emotional intelligence skillsEmotions and emotional intelligence skills
Emotions and emotional intelligence skills
DRKAMINIBHASIN
 
Unlocking the Secrets of Love: The Science Behind Heartfelt Connections
Unlocking the Secrets of Love: The Science Behind Heartfelt ConnectionsUnlocking the Secrets of Love: The Science Behind Heartfelt Connections
Unlocking the Secrets of Love: The Science Behind Heartfelt Connections
Vikash Gautam
 
ee case study and evaluation of biodiesel
ee case study and evaluation of biodieselee case study and evaluation of biodiesel
ee case study and evaluation of biodiesel
SwaroopDalvi
 
Violence against women , finding from the 2008 national demografic
Violence against women , finding from the 2008 national demograficViolence against women , finding from the 2008 national demografic
Violence against women , finding from the 2008 national demografic
oppateamo1234
 
Sentence-Errors.pptxssssssssssssssssssss
Sentence-Errors.pptxssssssssssssssssssssSentence-Errors.pptxssssssssssssssssssss
Sentence-Errors.pptxssssssssssssssssssss
rexjosiahzosa
 

Security on Rails