A Practical Guide to Building Secure SSO

Understanding how to build Single Sign On (SSO) using the OAuth 2.0 framework with OpenID Connect may seem like a daunting task. This practical guide will show you how to build a secure SSO system.…


Nonce-based Content Security Policy (CSP) in Rails

Introduction: During my time at Gusto as a part of the Application Security team, I’ve been exploring ways to improve defense against Cross-Site Scripting (XSS) in modern web applications. At Gusto, we primarily use Ruby on Rails and React.js. Individually, each framework comes with some XSS protections out…
