Listen in on this episode of the Ready, Set Secure Podcast I joined in on. On this week’s show Senior Security Consultant, Greg Porterfield, and […]
Podcast: Play in new window | Download (Duration: 42:37 — 29.3MB)
Subscribe: Apple Podcasts | RSS
Listen in on this episode of the Ready, Set Secure Podcast I joined in on. Join Michael and Nick as they meet with Application Security […]
Podcast: Play in new window | Download (Duration: 36:32 — 25.1MB)
Subscribe: Apple Podcasts | RSS
*** This is a guest appearance I did on the Application Security Weekly Podcast Dan Kuykendall is the Senior Director of Application Security Products at […]
Podcast: Play in new window | Download (Duration: 37:31 — 21.5MB)
Subscribe: Apple Podcasts | RSS
[This is a copy of my blog post on the Rapid7 site – https://www.rapid7.com/blog/post/2019/05/02/how-insightappsec-can-help-you-improve-your-approach-to-application-security/] This is part three of a three-part series on application security. […]
This episode of Man vs Web App Podcast marks a significant transition as we introduce two new hosts of the podcast: David Howe and Garrett […]
Podcast: Play in new window | Download (Duration: 39:38 — 32.5MB)
Subscribe: Apple Podcasts | RSS
During the last year this blog (and podcast) was put on hold to deal with the acquisition of NT Objectives by Rapid7. I was highly occupied with […]
In the aftermath of the Mt. Gox meltdown and subsequent bankruptcy filing, I have been reading a lot of commentary on Bitcoin. Even Paul Krugman […]
We appreciate Kevin Beaver’s recent blog post about NTOSpider’s unique ability to authenticate on some of the trickiest applications and stay properly logged-in throughout the scan. At NTO we take pride […]
The podcasting returns! This is the first new episode of InfoSec Place and in a few days will be the return of my web security […]
Podcast: Play in new window | Download (Duration: 57:24 — 81.8MB)
Subscribe: Apple Podcasts | RSS
This November I will be presenting at AppSec USA, Revenge of the Geeks: Hacking Fantasy Football. So this year, I am starting a hackers only fantasy football league. Come join us to have fun and maybe make a little money!
Continuing my series on the talks I attended at 2013 Security B-Sides, this one from Dan Hubbard (CTO OpenDNS) and Frank Denis (@thinkumbrella) called, “Building […]
Last week, hackers gained access to Twitter’s internal systems and stole information, compromising 250,000 accounts. In a blog post, on Friday, Twitter announced that they […]
An Indian researcher, Prakhar Prasad found a Blind SQL Injection vulnerability in the Paypal Notifications (https://www.paypal-notify.com) application as part of a bug bounty program. The bug enabled him to […]
On the morning of the Twitter attack, I received this email: On one hand, I appreciate that Twitter was up front with their users, but […]
Most people are starting to realize that they need to start using more complex passwords, but generally believe: complex password = hard to remember This […]
All aboard the Pineapple Express, its a speeding bullet to the mobile backend! I’m looking forward to speaking at the upcoming B-Sides San Francisco. Most of […]
Anonymous Hackers hacked and defaced United States Sentencing Commission under the operation called “#opLastResort”. And also threatened the US government to release sensitive information. Hacked […]
Google Morocco was the latest victim of a Domain Name System or DNS attack. A notorious Pakistani leet hacker group named, “PAKbugs”, hijacked Google Morocco’s […]
Much has been written this week on the sad story of Aaron Swartz and the Anonymous hack executed in his name. This story has affected […]
This very useful talk was as much an education in HTML5 for me as it was an education on how HTML5 can be abused. I […]
First off, in the spirit of full disclosure, two points: One is that this talk took place at the same time as the Shreeraj Shah […]
SQL Server Exploitation, Escalation, and Pilfering The general thesis of this talk I attended by Scott Sutherland and Antti Rantasaari from @NetSpi is that SQL Server is mostly […]
This talk, by Ofer Maor, CTO – Quotium (Follow on Twitter, @quotium) at 2012 AppSecUSA, addressed something that I see is an up and coming issue, interactive in-memory code […]
Continuing my series of write-ups on the talks I attended at AppSecUSA this year. Sherif Koussa (@Skoussa) who is a Principal Application Security Consultant at Software Secured presented this talk […]
This is a continuation of my series on the talks I attended at OWASP AppSecUSA in October of this year. Presenters: Alejandro Caceres, Computer Network Operations Engineer […]
Copyright © 2023 | WordPress Theme by MH Themes