Published in The Startup | All about XSS | Cross Site Scripting, or XSS, is an injection vulnerability where an attacker can run their own content. This can take forms of: arbitrary… | Jan 6, 2021
Published in The Startup | OWASP Top 10 — Application Vulnerabilities Explained | First, if you’re reading this and would like to be a Security Engineer or brush up on your secure development skills — please reference… | Dec 17, 2020
Threat Modeling 3rd party purchases & tools | Look — I get it. It’s kinda crazy to build your own everything because there are people who’ve already done it. The prevalence of SaaS… | Feb 23, 2020
3rd Party JavaScript…party | This post is coming directly from Considering 3rd party purchases and tools post — so see it for deeper dive into Threat Modeling product… | Feb 13, 2020
CSP — the misunderstood header: Content Security Policy | Why do you need to care? Untrusted Code running wild on your domain doing nefarious things — that’s why! | Feb 10, 2020
Installing Burp Suite Application Proxy | This is a prerequisite to the onsite training I give at conferences. We will download and verify the signature of the Burp Suite package… | Feb 20, 2019
How many hours to learn to code? 862. | I wish it was as simple as knowing the moment that you actually know the skill inside and out. Fact is, I’m still learning. That number… | Jan 23, 2019
Reflections on code school — 3 years later. | Occasionally friends will contact me about learning to code, especially since I come from a non-STEM background. This post is a reflection… | Jan 22, 2019
Last Day | This post was written on May 20, 2016. I found it in drafts and decided it belongs out on the web. | Jan 22, 2019
Trees | A tree is our first structure that’s a hierarchical one. Each tree has one root node, and the different trees vary from there. They can be… | Jan 21, 2019