Security articles by our experts

Apr 24, 2019

Malicious Backdoor Code Found in the Bootstrap-sass Ruby Gem

Open source application packages are easy to exploit given their reach and lack of robust security measures. The recent code vulnerabilities arising in bootstrap-saas Ruby gem are a result of incapacitated account security. We look into the malicious activity to understand what really caused it and learn what can be done to eradicate such a situation in the future.

Read more

Jun 28, 2017

Fin-Tech Projects Best Practices - Case Study

In the super critical sphere of fin-tech web app development, there’s no room for mistakes. Find out in our case study of a Ruby on Rails US Lease Management System the best practices for dealing with systems where customers real money is at stake in every line of code, every piece of the infrastructure, and in every hour of the day.

Read more

Jun 9, 2017

19 Quick Fixes for Getting Your Servers and Application Security Tighter Than Fort Knox

Don’t know where to start with your servers and application security? Need to know if you’ve plugged all the gaps? We’ve chopped down your essential systems security concerns into bite sized pieces so that you can implement them with ease.

Read more

May 26, 2017

How We Used Amazon Web Services to Save $84k Per Year (And Improve Performance!) with a Heroku Hosted Ruby on Rails App

84K in savings a year? Yup, that’s how much we managed to save this one company by migrating their app from Heroku over to AWS and reconfiguring their code – all because we were fine tuning performance. Moral of the story here is: make sure the team you have on board to write your code are good at what they do – otherwise you might just need to get our DevOps and software developers team in to help sort things out later…

Read more

May 10, 2017

Custom, Free Security for Modern Infrastructure Pipelines: OSSEC HIDS With a Twist

The more cloud services grow in complexity, size and reach, the more security and automation need to be enforced. There are many different approaches to ensuring that systems stay safe from the harm of threats such as DDoS attacks and rootkits, like antivirus software and firewalls. It is also highly beneficial to implement a custom Intrusion Detection System, to monitor your network and systems for malicious activity and policy violations.

Read more