AppSecBloke

Mike's Information Security Blog

Mike

Media Things

This post contains various links to press articles I've contributed to, as well as other media, including recordings of talks I've been involved in.

InfoSec

Being There (Tales of A Beer Farmer)

A meandering review of six months of being a member of The Beer Farmers.

Mike

Adventures In Music: Episode II

In the first follow-up to my reflection on my time in the music industry, I talk about late 2008 and the amazing experience it was.

InfoSec

Everyone, Everywhere

In this post, I talk about my experiences in the information security community, particularly focusing on characters and behaviours. It might be interesting, so read on.

Mike

Adventures In Music: Episode I

I did say that at some stage I'd write about my relatively brief career in the music industry, so here's where it started.

Cons

(AppSec) Bloke On Film!

I've now done a few public talks, and finally I can prove it.

Cons

From Punter to Speaker: BSides London

My journey began back in August 2017, when I attended my first InfoSec conference. 10 months later I delivered my first talk. This post covers that story.

GDPR

Achieving GDPR Compliance: Episode VII - Business As Usual

So, we made it. May 25th arrived and we're all exhausted. But, we're all still here!

InfoSec

Killing Bad Encryption

If you run a website, early TLS is bad. If you run a payment service, early TLS is about to be outlawed. Read on.

Cons

Nae bother. Another BSides!

I've written before about my experiences at InfoSec conferences, and last week I attended another. Here's my take on BSides Scotland.

GDPR

Achieving GDPR Compliance: Episode VI

As we're now just a few weeks away from May 25th, here's a fresh update on where we're at on our journey towards GDPR compliance.

AppSec

If You Make It, Don't Forsake It

When you build something, you want it to stand the test of time, right? In this post, I'll examine why that actually doesn't always happen.

GDPR

Achieving GDPR Compliance: Episode V

In this post, I talk about the goings on since our independent audit in November and the new date in our diaries.

Cons

(Not Just) Another InfoSec Conference

So, I've written before about attending InfoSec conferences, how they roll and make me feel. Here's my take on BSidesLeeds.

InfoSec

Patch All The Things

In this post, I'll argue the case for ensuring that, as far as is physically possible, systems and their underlying platforms and infrastructure are kept up to date.

AppSec

Monitoring the Baddies

In this post, I provide some insight into how I keep tabs on the bad actors hitting up the web applications I care about.

GDPR

Achieving GDPR Compliance: Episode IV - A New Audit

I know, it's a rubbish Star Wars pun, but I couldn't resist. In this post, I talk about the mechanics of our external audit and how it went.

Cons

InfoSec Conferences - Attending versus Speaking

I shoved in a speculative submission to BSidesLeeds to give a talk about web application firewalling (WAF). Here's how it went.

GDPR

Achieving GDPR Compliance: Episode III

It's my third instalment in the epic series that is our journey towards compliance with the GDPR. We're about to be externally audited.

InfoSec

Something's Rotten In The State of InfoSec

Like most other spaces, InfoSec isn't without its issues and dramas. In this post, I explore a few examples and offer my views.

InfoSec

Security versus Compliance

In this post, I talk about what drives a more secure organisation. Is it by doing all the right things, ticking all the boxes or a pragmatic blend of the two?

AppSec

Using components with known vulnerabilities

In this post, I talk about how using components in your technology with known vulnerabilities can really hurt you.

GDPR

Achieving GDPR compliance: Episode II

Episode II of our voyage towards GDPR compliance. This covers board-level buy-in.

InfoSec

Information Security as a Team (ISaaT)

Corporate information security is *everyone's* responsibility. You hear that said a lot, but does it actually mean anything?

InfoSec

Managing PCI DSS Compliance

This might seem a pretty dry subject, but if your company processes card payments, then it needs to comply with the Payment Card Industry Data Security Standard.

AppSecBloke © 2022