The Security Work That's Actually on You
Rails handles framework-level security defaults — but authorization, rate limiting, CSP, session hardening, and encrypted attributes are decisions only you can make.
Rails security defaults cover CSRF, SQL injection, XSS, encrypted sessions, and more — here's what the framework handles before you write business logic.
The tools and workflow I use to ship Rails MVPs with Claude — from market research to spec-driven development — shared at the Claude Colima meetup.