Application Penetration and Code Analysis for Non-Developers

Application security competence found at bottom

As most techsec professionals, I’ve been asked to do more and more in application security matters, an area that I’ve usually seen specialist ninjas dominate due to the often extreme technical depth required of the realm.

I’ve written previously about how [in]competence seems to be very hard to […]

Agile Infosec

This is a reprint of my comment to a Joshua Corman’s posting on The Fudsec Blog. Consider going there to read his article and the discussion that followed.

I can’t link to my comment there and, since I’m going to continue down the rabbit hole on this particular topic, I wanted to be certain that […]

What we do

It’s nice that geeks are cool now. Now there are a lot of people who say they’re hardcore. Here’s some of them:

These stereotypes are not who I’m going to be talking about, though I do have some guilty pleasures of a few of those portrayed above. I’m going to talk about me and […]