Inoculating Rails Auth Against Bug Bounty Hunters by Jason Meller

You’ve rolled up your sleeves and built the most secure custom auth ever conceived by a dev team. Suddenly, your CTO informs you that your app will be participating in the Org’s new Bug Bounty program. Terror fills your heart as you imagine security experts making mince-meat of your beautiful auth system. If only you knew their game plan… Kolide’s CEO, Jason Meller has been rolling his own Rails auth for over a decade …