1Password joins the Rails Foundation: Strengthening the community, empowering developers
by Jason Meller on
We’re excited to share some big news: 1Password is officially joining the Rails Foundation!
And we’re not just joining – we’re going all in as a core member, standing shoulder to shoulder with companies that support the brilliant minds behind Rails, including some of our fellow Canadians. This is more than just a badge of honor for us; it’s a commitment to support the Rails ecosystem in the best way we know how: with our dollars, our time, and our passion for building great security tools.
As part of this commitment, I’m excited to join the Rails Foundation’s board of directors. Together, we’ll focus on making Rails even more accessible and valuable for developers at all levels—whether they’re just discovering the framework or have been shipping Rails apps for decades.
“Wait, is 1Password written in Rails?” you may be wondering. No, not one lick of it. “Are we rewriting it in Rails?” Still no.
If you haven’t followed along, a lot has changed with 1Password over the last few years. We’re more than your friendly neighborhood password manager and have a big appetite to solve many of the unsolved problems at the intersection of security and humanity.
1Password is joining the Rails Foundation for three reasons: Rails is where the future is, Rails is where the community is, and Rails is where the challenge is.
Rails: It’s where the future is
Earlier this year, my company, Kolide, was acquired by 1Password. Kolide is a product that integrates with your SSO provider to ensure that if a device isn’t secure, it can’t access your apps. Shortly after the acquisition, 1Password announced Extended Access Management (XAM), a platform that brings the capabilities of Kolide into a solution that secures all authentications for all users, devices, and apps.
A screenshot of the Kolide admin dashboard. 100% Ruby on Rails.
Nearly a year later, the results are in. Extended Access Management has gone gangbusters, smashing the wildest expectations we had hoped for. And it’s time to double down.
Kolide is a Rails application. And it’s not a tiny one. Beyond powering device trust for millions of authentications for innovative companies like Databricks, Discord, Anduril, Robinhood, Hugging Face, Asana, and many others, it serves thousands of web requests per second and processes billions of asynchronous jobs every month, all while boasting four nines (99.99%) of annual uptime every year since we began measuring it.
commit 164772c7fda9cbd197bf62f1344852ef7f92eb02
Date: Mon Jan 28 13:36:30 2019 -0500
Author: Jason Meller <jason.meller@gmail.com>
Date: Mon Jan 28 12:57:44 2019 -0500
Initial commit
Humble beginnings: Kolide, as we know it, started its life as a Rails app back in 2019.
And Kolide is really unapologetically Rails. We’re on Rails 8, Rack 3, and Ruby 3.3, and our front end is good old HTML over the Wire. We stay on the bleeding edge of Rails because we love the framework. And we at 1Password are loving the results.
Fitting in with other engineers is not about tech stacks but values. Our decision to use Rails is a way to express those values: speed of execution, focus, craftsmanship, and unceasing care for the customer.
As we build more components of the Extended Access Management vision, we’re choosing Rails again for the same reason we chose it the first time: it’s a cheat code to attract the next generation of software engineers who share our values. And not just values around engineering, but also those of Honest Security, a philosophy inspired in part by two core members of the Rails team.
1Password’s investment in the Rails Foundation symbolizes our commitment to and sincerity in our decision to use Rails and to create the environment Rails engineers need to thrive. We’re in this for the long run. As someone who has been a part of the Rails community for over 12 years, I know they are the right folks to bet our future on.
Rails: It’s where the community is
Rails is a natural watering hole for engineers who care about security. Out of the box, Rails has far and away some of the best defaults and configuration when it comes to protecting both developers and the folks who use the software they build. It’s a framework for folks who want to do everything right, and makes the right way, the easy way. You can see this theme in both new features like authentication generators, request rate-limiting, and the ones that have now been in the framework for years, such as a built-in CSP DSL, attribute-level database encryption, or signed IDs.
This strikes a chord with us at 1Password. Our purpose is to convey our domain knowledge of security via software so that everyone has the means to stay secure.
1Password is quickly establishing itself as the best tool for engineers to ply their trade securely. This means helping developers solve complicated authentication and secrets management problems from their devices to the production server. With the recent release of Kamal as part of Rails 8, production deployment and secrets management are the topics of the hour in the community. We were delighted when kamal secrets shipped with 1Password support at Rails World. And we’re even more excited as Rails developers find even more ways to take their Kamal story forward with our SSH key management and SSH Key agent support.
1Password is a great choice to both source secrets for Kamal and authenticate to remote servers via SSH.
At this year’s Rails World, we connected with David Heinemeier Hansson, more commonly known as DHH, and many other members of the 37signals team to discuss how we can further improve 1Password to make the ergonomics of deployment and SSH key lifecycle management even easier.
More importantly, we want to invest time building and sharing content we are subject matter experts in with folks who are eager to listen. That means giving talks, creating tutorials, providing resources, submitting contributions, sharing best practices, and building software that makes building software safer for the developer, their employer, and, most importantly, the users.
Joining the foundation is a catalyst for these efforts and provides us with a larger megaphone to reach perhaps one of the most security-conscious developer communities.
Rails: It’s where the challenge is
Since Kolide began writing its Rails app in 2019, we’ve enjoyed the benefits of standing on the shoulders of giants as we’ve scaled our application. As we’ve grown Rails has grown with us, providing us with just the capability we needed with almost spooky timing.
Given how this year has turned out there is little doubt in my mind that the well-worn paths our wagon has tread will start giving way to untouched green fields. As we further plumb the depths of Rails to chart our course through uncharted waters, we know we will want to illuminate the path forward for other security-focused companies to follow.
Joining the Rails Foundation gives us two things to meet this challenge: an accelerated path to befriend the folks who have done this before, and even more importantly, it provides us with new venues like next year’s Rails World to share our findings with the community.
But in other ways, joining the foundation is a new call to adventure. Back in 2019, I knew I couldn’t do it alone, and so we assembled one of the best engineering teams I’ve had the opportunity to work with. But more adventure awaits and this team of brave explorers needs your help!
So what are you waiting for? Heed the call to adventure and apply to our Rails developer positions at 1Password today!
Jason Meller
VP, Product Management
Tweet about this post