Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. If you happen to use the Hudson/Jenkins continuous integration tool, there is a Brakeman plugin for it.