Passwords aren't going away...
Thinking clearly during a ransomware attack is key, helping to save your data.
A discussion of the differences between "having permissions" and "having authority".
User authentication is an important consideration when designing any system. Here's how we decided to use OAuth for eVitabu.
A summary of my key take aways from January's conference.
Cyber attacks are a regular occurrence, and it's important that we learn from them.
It's important to review the paper you re-use to avoid leaking confidential information.
The difference between the web of trust and delegating your trust to a third party.
Password cracking can be an invaluable tool when it comes to checking your organisation's password hygiene.
Considering privacy and security with the IoT and smart homes.
A look at Next Generation firewalls and the extra services they often provide.
A short write up following the Kent Cyber Security Forum 2019.
When you've found a vulnerability, bug or data leak how do you report it? This post looks at the considerations for disclosure.
What's the difference between filtering and censorship? This is a fine line and something I discuss following years of managing web and email filters.
Sometimes evidence of crime can be found during penetration tests, so what do you do? I'll discuss the various dilemmas professionals face following some Twitter research.
Thoughts on being fair and considerate when investigating others.
A discussion about the ethics of deleting emails from someone else's mailbox.
Logging: what's too much? Is there too little? How long should I keep them? This post discusses factors to consider when configuring logging.
A quick look at what a basic firewall is, and how it works.
Discussing some of the ways to prevent insecure direct object reference issues.
Analysis of some obfuscated VBScript that a malicious email wanted us to download.
Slides from my recent conference talk on the threat of security knowledge gaps.
How I got into cybersecurity - the story so far.
Having recently moved from Keepass to LastPass, I discuss my experience so far.
A plea to software vendors so we can all work better together.
Stay up to date! Get all the latest & greatest posts delivered straight to your inbox