Semi-annual diversity update from Gusto's Engineering team

Edward Kim

Code reviews can be leveraged for so much more than finding bugs. In this post, learn how to approach a code review and give feedback to your team that ensures quality and growth.

Casey Rollins

Have you ever opened a pull request and been stuck on filling out the description? Do you feel like you could be getting more out of your code reviews? If so, the tips in this post are for you.

Casey Rollins

When tidying it is important to differentiate between structural and behavioral changes. Behavioral change means changing the way the code operates. Changing the return value of a function is an example of a behavioral change. Structural change, on the other hand, does not change how the code...

Tori Huang

Job titles with the word "data" in them are known to be an enigmatic black box. This post explains how the pieces of the data pipeline fit together and how different teams interact with them.

Lindsey Whitley

Understanding how to build Single Sign On (SSO) using the OAuth 2.0 framework with OpenID Connect may seem like a daunting task. This practical guide will show you how to build a secure SSO system.

Tori Huang

Introduction During my time at Gusto as a part of the Application Security team, I’ve been exploring ways to improve defense against Cross-Site Scripting (XSS) in modern web applications. At Gusto, we primarily use Ruby on Rails

Edward Qiu

How we introduced granular authorization into our application and API. Illustration by Camellia Neri Last year, my team extended Gusto’s authorization system to give admins granular access to their companies’ accounts. In software security terms, authorization is

Flora Jin