Tag: cybersecurity

Stop Checking admin?: Designing Authorization That Won’t Become Technical Debt (Kaigi on Rails 2025)

February 17, 2026 Modern Rails applications rarely fail because of authentication — they fail because of authorization complexity. As products grow, roles multiply, exceptions accumulate, and permission checks scatter across controllers, models, views, and frontend code. What begins as a simple current_user.admin? quickly becomes an unmaintainable web of implicit rules. At Kaigi on Rails 2025, … Continue reading Stop Checking admin?: Designing Authorization That Won’t Become Technical Debt (Kaigi on Rails 2025)

🔐 Securing Your Ruby Apps with bundler-audit

June 10, 2025 In today’s world of frequent security breaches, keeping your Ruby application’s dependencies secure is non-negotiable. That’s where bundler-audit steps in—a powerful command-line tool that scans your Gemfile.lock for known vulnerabilities and insecure gem sources. 🛠 What is bundler-audit? bundler-audit checks your project for: Vulnerable versions of gems (by comparing with the ruby-advisory-db) … Continue reading 🔐 Securing Your Ruby Apps with bundler-audit