Remember January 2013? A major vulnerability was found in Rails and the whole community got riled up: blog posts, rushed security audits, impromptu email alerts… No one really expected it in the Rails world because Rails was considered so “secure.” Then a new disaster came: RubyGems—the heart of any Ruby project—was compromised; several companies started to consider migrating their projects to Python or Java. This was clearly a serious problem…

I think there is a better way to handle security and here is a high level article about it.