In this episode I talk with Michael Lubas, founder of Paraxial, a software security product for Ruby on Rails applications. We discuss his background in both development and penetration testing, and his recent creation of GemShop - a deliberately vulnerable Rails 8 e-commerce application designed to teach developers about web security through hands-on experience. Michael explains common attack vectors like credential stuffing, the legal complexities around security research, and why developers are actually very interested in security despite stereotypes. We also cover his experience at Rails World and how Paraxial helps Rails developers get started with security.

• Paraxial.io
• Michael Lubas on LinkedIn
• michael@paraxial.io
• Nonsense Monthly