Interesting talk about a team that integrated automated security testing into their BDD workflow.
Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)
There is also a video of the talk Show archive.org snapshot .