GDPR Achieving GDPR Compliance: Episode III It's my third instalment in the epic series that is our journey towards compliance with the GDPR. We're about to be externally audited.
InfoSec Something's Rotten In The State of InfoSec Like most other spaces, InfoSec isn't without its issues and dramas. In this post, I explore a few examples and offer my views.
InfoSec Security versus Compliance In this post, I talk about what drives a more secure organisation. Is it by doing all the right things, ticking all the boxes or a pragmatic blend of the two?
AppSec Using components with known vulnerabilities In this post, I talk about how using components in your technology with known vulnerabilities can really hurt you.
GDPR Achieving GDPR compliance: Episode II Episode II of our voyage towards GDPR compliance. This covers board-level buy-in.
InfoSec Information Security as a Team (ISaaT) Corporate information security is *everyone's* responsibility. You hear that said a lot, but does it actually mean anything?
InfoSec Managing PCI DSS Compliance This might seem a pretty dry subject, but if your company processes card payments, then it needs to comply with the Payment Card Industry Data Security Standard.
GDPR Achieving GDPR compliance: Episode I The first in a series of posts around the GDPR and how I'm supporting my organisation on its journey towards compliance.
AppSec The (Great) Web Application Firewall In this post I talk about our experimentation with web application firewalling, the subsequent implementation and what we might do in the future.
Cons Attending InfoSec Events I attended my first InfoSec event recently and found it to be rather life changing. Read on...
AppSec Dynamic Application Security Testing In this post, I talk about dynamic application security testing and why Netsparker is my weapon of choice.
AppSec OWASP, My Membership And Why I Value It In this post, I talk about OWASP, how it's changed web application security where I work, why I became a member and find it important.
AppSec AppSec Basics - Still Overlooked The message I'm trying to get over in this post is that there are some very common problems other than injection out there that could lead to some pretty disastrous outcomes, and in fact most of them are easy to fix.
Mike Honourable Mentions At the end of my last post, I said that in this one I'd talk about some of the people that I've come into contact with during my career, who have been critical to my development. Let me elaborate on this a little...
Mike Who Am I? I’m Mike and I’m an information security analyst, working for a mid-sized UK based telecoms and internet service provider. My career contains a lot of variety, so here in my first post, I’d like to share some of that journey.