whoisjoe.com

Security, people, process, and resilient software.

83 published stories

An Hour of Code with Code.org

I am staggered and truly impressed by what the team at Code.org has accomplished in such a short period of time. When Hadi Partovi started conversations in May of this year with...

New Mac Install Guide

This guide may help you install some required and some helpful settings on a new Mac. I originally wrote this for my company, Security Innovation, where we have very strict comp...

Understanding Customer Needs and Helping Them Mature

(Originally posted on the Security Innovation Blog) Security Innovation’s manifesto on being a trusted advisor. Each client has different backgrounds as well as a different dep...

The Importance of Vulnerability Disclosure Programs and Bug Bounties

I’ve written before about how important responsible disclosure is for Security Researchers. That responsibility falls on both sides of the discussion. Of course it falls on the ...

Gmail Changes to Display Images by Default

Gmail recently changed the way it displays images to you (Official Gmail Blog). From a user perspective this can be good, from a security perspective this might be good, from a ...

Mobile Application Security Testing FAQs: Post #1

A couple weeks ago I presented a webcast at Security Innovation that covered techniques for testing mobile applications. As usual I was long-winded with stories and analogies an...

What LinkedIn Should Have Done with Your Passwords

By now, you’ve probably heard that LinkedIn’s passwords have been allegedly compromised. I first heard about this from a Norwegian website earlier today. Here is what we know no...

Boeing Paying Hackers to Break into Their Systems

Boeing’s systems need to be capable of staving off hackers, and for more than two years, the company has employed two “hackers” to test the security of its computer systems. I l...

Finding Your Inner Evildoer (3/4): A Good Imagination

In my previous posts I talked about an overview of what makes a great security tester, and in depth about what it means to have complete knowledge of the system. If you hav...

When to Rebuild Your Process from Scratch

A few months ago I had the opportunity to rebuild the way we operate the services branch of our company. If you’re not familiar with my background I lead a team of the security ...