Recreating redux-toolkit’s createSlice

October 7, 2020

In this post, we want to demystify createSlice by building our own stripped down version of it for new engineers to use as a reference guide when learning redux.

Going on a Powertrip

October 2, 2020

If you have a product and customers, then you also have members of your team who need access to critical systems in order for your company to function. Safeguarding credentials that can access these systems via mechanisms like 2FA, U2F, and key rotation is necessary but not sufficient. You must also monitor for key security events and review each to ensure your protections are working as intended.

Here at Aptible, we’ve solved the problem of monitoring and requesting approval for security events via a lightweight Slack integration we built called Powertrip. With Powertrip, we are able to send Slack notifications to relevant team members about key security events within minutes of the event happening.

Securing websites via HTTP Security Headers

September 9, 2020

We recently rolled out updated HTTP security headers for Comply. Following best practices with HTTP security headers can be a quick way to add an additional layer of security to a website, so we wanted to share our work here in hopes that others might find it helpful.

What is a UX Engineer at Aptible?

September 2, 2020

UX Engineers at Aptible play an important role in the product development process by blending UX knowledge with technical skills to fill the gap between design and engineering.

Death by a thousand existential checks

August 13, 2020

Existential checks are when we have to detect whether or not a variable has a value - that is, checking to see if a variable exists. If the value is `null`, `undefined` or otherwise falsy, then it fails the check. This usually takes the form of an if-statement.

“Finding” Your Way to Better Security in Multitenant Rails Applications

July 29, 2020

Let’s say you’ve created a SaaS application that lets customers keep track of their vendors. Things are going well and you’re adding many customers. One day, a curious customer starts messing around with the IDs in URLs and stumbles across a vendor they shouldn’t have access to. This is Very Bad™, especially if your customers are relying on your application to store sensitive information!

Meltdown and Spectre are Critical Vulnerabilities for Cloud Infrastructure. Here’s How the Aptible Security Team Responded

January 9, 2018

Vulnerability Scanning for your Dependencies: Why and How

May 21, 2017

Aptible was not affected by Cloudbleed

February 23, 2017