diff --git a/lib/brakeman/checks/base_check.rb b/lib/brakeman/checks/base_check.rb
index 3524ce51fbf30929072727d7543227eea4258ce5..e17b85533a163a637e030050743b022d0874c7df 100644
--- a/lib/brakeman/checks/base_check.rb
+++ b/lib/brakeman/checks/base_check.rb
@@ -12,10 +12,10 @@ class Brakeman::BaseCheck < Brakeman::SexpProcessor
 CONFIDENCE = { :high => 0, :med => 1, :low => 2 }
 Match = Struct.new(:type, :match)
-
+
 class << self
 attr_accessor :name
-
+
 def inherited(subclass)
 subclass.name = subclass.to_s.match(/^Brakeman::(.*)$/)[1]
 end
@@ -177,8 +177,9 @@ class Brakeman::BaseCheck < Brakeman::SexpProcessor
 tracker.config[:rails][:active_record][:whitelist_attributes] == Sexp.new(:true)
 @mass_assign_disabled = true
- elsif version_between?("4.0.0", "4.9.9") and not tracker.config[:gems][:protected_attributes]
- #May need to revisit dependng on what Rails 4 actually does/has
+ elsif version_between?("4.0.0", "4.9.9") && (!tracker.config[:gems][:protected_attributes] || (tracker.config[:rails][:active_record] &&
+ tracker.config[:rails][:active_record][:whitelist_attributes] == Sexp.new(:true)))
+
 @mass_assign_disabled = true
 else
 #Check for ActiveRecord::Base.send(:attr_accessible, nil)
diff --git a/test/apps/rails4_with_engines/config/environments/production.rb b/test/apps/rails4_with_engines/config/environments/production.rb
index ddfe7eca8fa6884ed8d2ad4f7bac8ef9871f456a..cf9c97c18e9a3b4f7cb188ebb3daeab21b9c22a1 100644
--- a/test/apps/rails4_with_engines/config/environments/production.rb
+++ b/test/apps/rails4_with_engines/config/environments/production.rb
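Review bot: The `tracker.config[:rails][:active_record][:whitelist_attributes] == Sexp.new(:true)` lookup in the new `elsif` duplicates the expression the preceding `if` branch already uses (visible as the hunk's first context line), and the nested `&&`/`||` condition broken across two lines inside the parentheses is hard to verify by eye; extracting the lookup into a named predicate would make both branches read the same and give the intent a name. An empty line is also added between the `elsif` condition and `@mass_assign_disabled = true`, which reads as though the body were missing, so it should go. The enclosing method starts and ends outside the hunk, so I cannot see whether `tracker.config[:rails]` is guaranteed non-nil here; the original already indexes it unguarded, and the helper below keeps that assumption.
```ruby
    elsif version_between?("4.0.0", "4.9.9") &&
        (!tracker.config[:gems][:protected_attributes] || whitelist_attributes_enabled?)
      @mass_assign_disabled = true
    # … unchanged: else branch …

  # … elsewhere in the class, after the method above …
  # True when the app's Rails config sets
  # config.active_record.whitelist_attributes = true (the protected_attributes
  # gem honours this setting on Rails 4).
  def whitelist_attributes_enabled?
    active_record = tracker.config[:rails][:active_record]
    active_record && active_record[:whitelist_attributes] == Sexp.new(:true)
  end
```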
@@ -72,6 +72,12 @@ Rails4::Application.configure do
 # Send deprecation notices to registered listeners.
 config.active_support.deprecation = :notify
+ # Enforce whitelist mode for mass assignment. (now used by protected_attributes gem)
+ # This will create an empty whitelist of attributes available for mass-assignment for all models
+ # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
+ # parameters by using an attr_accessible or attr_protected declaration.
+ config.active_record.whitelist_attributes = false
+
 # Disable automatic flushing of the log to improve performance.
 # config.autoflush_log = false
diff --git a/test/tests/mass_assign_disable.rb b/test/tests/mass_assign_disable.rb
index 7dcd06c66ed559c02b9f8c5b3c0ec0b9b936e274..d6709b21a53540fd63c25f8475f4dbe6c2406fa3 100644
--- a/test/tests/mass_assign_disable.rb
+++ b/test/tests/mass_assign_disable.rb
@@ -63,7 +63,7 @@ class MassAssignDisableTest < Test::Unit::TestCase
 assert_new 0
 end
- def test_protected_attributes_gem
+ def test_protected_attributes_gem_without_whitelist_attributes
 before_rescan_of "Gemfile", "rails4_with_engines" do
 append "Gemfile", "gem 'protected_attributes'"
 end
@@ -74,6 +74,22 @@ class MassAssignDisableTest < Test::Unit::TestCase
 assert_new 1
 end
+ def test_protected_attributes_gem_with_whitelist_attributes
+ config = "config/environments/production.rb"
+
+ before_rescan_of ["Gemfile", config], "rails4_with_engines" do
+ append "Gemfile", "gem 'protected_attributes'"
+
+ replace config, "config.active_record.whitelist_attributes = false",
+ "config.active_record.whitelist_attributes = true"
+ end
+
+ assert_reindex :none
+ assert_changes
+ assert_fixed 0
+ assert_new 0
+ end
+
 def test_strong_parameters_with_send
 init = "config/initializers/mass_assign.rb"
 gemfile = "Gemfile"
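Review bot: The comment block added above `config.active_record.whitelist_attributes = false` says it enforces whitelist mode while the value on the next line switches it off, which is confusing in a fixture whose sibling test flips exactly this line to `true` with `replace`. A one-line note on the fixture would make the intent clear, e.g. `# NOTE: deliberately false here; test/tests/mass_assign_disable.rb rewrites this line to true to exercise the protected_attributes + whitelist_attributes path.` The generator-style wording above it could then be trimmed or left as is.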