OWASP AppSec California Recap
I spent the week at OWASP AppSec California in Santa Monica and had a great time! This is the 2nd year of having the event at […]
NT OBJECTives
Tales from the web scanning front: Don’t eat the entire buffet at once
One of the more common problems that we see is customers trying to bite off more of their application infrastructure at once than they can […]
Tales from the Web Scanning Front: Why is This Scan Taking So Long?
As CEO, I’m constantly emphasizing the importance of customer support and trying to attend several support calls each week to stay on top of our […]
HouSecCon 2011 and B-Sides ATL Review
Last week was a travel week. On Wednesday I was in Austin for some meetings, then headed to Houston for the second annual HouSecCon on […]
Phishanomics: The Economics of Phishing, the iframe attack and the Brand ROI of Security Spending
This paper will argue that the iframe attack (popularized by the Bank of India hack) has fundamentally altered the way that security professionals must defend […]
Security Snake Oil
Why Known Vulnerability Checks for Web Applications Simply Don’t Work. This paper explains the ineffectiveness of known vuln checkers such as Nikto, Wikto and other […]