Clik here to view.
OWASP AppSec California Recap
I spent the week at OWASP AppSec California in Santa Monica and had a great time! This is the 2nd year of having the event at this location, and even as a southern California native, it is a beautiful...
View ArticleClik here to view.
Security Snake Oil
Why Known Vulnerability Checks for Web Applications Simply Don’t Work. This paper explains the ineffectiveness of known vuln checkers such as Nikto, Wikto and other such solutions added to network...
View ArticleClik here to view.
Phishanomics: The Economics of Phishing, the iframe attack and the Brand ROI...
This paper will argue that the iframe attack (popularized by the Bank of India hack) has fundamentally altered the way that security professionals must defend less important websites. By allowing...
View ArticleClik here to view.
HouSecCon 2011 and B-Sides ATL Review
Last week was a travel week. On Wednesday I was in Austin for some meetings, then headed to Houston for the second annual HouSecCon on Thursday. I have to say that I was blown away at how much bigger...
View ArticleClik here to view.
Tales from the Web Scanning Front: Why is This Scan Taking So Long?
As CEO, I’m constantly emphasizing the importance of customer support and trying to attend several support calls each week to stay on top of our support quality and what customers are asking....
View ArticleClik here to view.
Tales from the web scanning front: Don’t eat the entire buffet at once
One of the more common problems that we see is customers trying to bite off more of their application infrastructure at once than they can chew. A certain amount of planning will yield better, more...
View Article
