1. Why remove user tracking?

    Individual tracking has been removed from thoughtbot.com. Learn more about why and how we made this change.

    Chad Pytel and Lindsey Christensen

  2. New online workshop: Protect your Rails app against security threats during COVID-19

    Join us as we discuss the rise of security threats during COVID-19, and how upgrading your Rails application can protect your business and users.

    Daniel Colson

  3. Web Security During the COVID-19 Pandemic

    The COVID-19 pandemic has brought with it an increase in cyber threats, but we can fight back by being more thoughtful about web security.

    Daniel Colson

  4. Protecting User Data in HIPAA Compliant Staging Environments

    How to populate your staging environment with data while keeping user data secure.

    Sweta Sanghavi

  5. Health Tech, HIPAA, and Humans

    A brief introduction to HIPAA compliance for developers in health technology.

    Mike Wenger and Sarah Cassidy

  6. Is Your Site Leaking Password Reset Links?

    Emailed password reset links are a common part of web applications. Is your site leaking these confidential links to third party sites?

    Derek Prior

  7. Paperclip IS vulnerable to ImageTragick

    Paperclip is affected by CVE-2016–3714 if used with ImageMagick 7.0.1-0 or earlier.

    Tute Costa

  8. ImageMagick vulnerability does not affect Paperclip

    There is no need to upgrade Paperclip in light of CVE-2016–3714. You may choose to upgrade ImageMagick regardless.

    Tute Costa

  9. Paperclip Security Release

    We released Paperclip v4.2.2 with a security fix.

    Tute Costa

  10. Building secure web applications with Ruby on Rails

    Ruby on Rails makes it easy to build web apps with security in mind.

    Murtaza Gulamali

Sign up to receive a weekly recap from Giant Robots