Yes! I think it's one of the most important parts. Users trust you with their data. I don't use any tool but I write tests for critical parts of the applications :). There are also a lot of good practices to make programs more secure. I use OWASP Top 10 as one of my references; you can find it here: www.owasp.org/index.php/Top_1…
SSL + Devise (Rails) or just encrypt every message my users send, so even if a hacker got access to my DB he will just obtain a bunch of hashes with nonsense.
For e-mails, I just collect all the emails and send them directly to my MailChimp/Mailgun marketing list, so when they arrive at my DB all of them are already encrypted. So no data to disclose.
I know that I could be making my app safe if I invest time in developing some security measures, but in the end, unless you are delivering for a big company or a hot startup, you should be shipping a better product instead of doing backend work.
I always use community libs for auth and password storage, so I don't have to implement my own logic.
Servers have some firewall rules and auth is only via ssh keys.
Let's Encrypt on every domain, always.
Above everything, I ~never~ store sensitive data that isn't needed.