loyalty.dev

Find out how our team managed risks in an existing live partner project using various tools and processes.

In recent years, there have been many news reports of security breaches involving personally identifiable information (PII). In this article, we describe our solution to managing encrypted data records whilst enabling searches based on customer PII.

The first little step on our journey to upgrade our Hanami 1.3 services to Hanami 2.0. This article opens a series of posts related to upgrading Hanami projects. This time we'll cover the Migrations upgrade.

ActiveRecord provides a simple, block-based API for working with database transactions. Any exception from within the block will roll back the transaction. This works great for simple cases, but what happens if you return from within the block?

Most applications today involve some type of background processing (such as sending notification to a customer) in the form of jobs. Sidekiq is one of the popular background job processor out in the community and we use it extensively at Ascenda.

If you've ever wondered whether your sensitive data is sufficiently protected against various forms of exfiltration, you might want to take into consideration a trending attack known as DNS Tunneling.

Anomaly detection enables abnormal metric trends in your system to be detected by analysing historical data. It is also an effective tool for detecting frauds and mitigating risks.

In our previous post, we gave an overview of our Ops and the challenges of acquiring information for day to day support of the different teams beginning with metrics.

Observability is a topic that appears in multiple disciplines, typically from the engineering, IT Ops or DevOps point of view. Your organisation might also have an SRE team whose engaged with you on this.

Code reviewing is one of the most underrated topics in software development. When done correctly, it can be a key element in the development cycle and help teams maintain a cleaner code base.

RuboCop can be a tremendously useful tool, but despite being created by some very smart people, it itself is not that smart, and treating it as if it were can often lead us astray.

We hear it all the time: prefer composition over inheritance. But when dealing with a legacy code base already riddled with complex inheritance chains, where do we even start?