A walkthrough of the details surrounding the GLBA Safeguards Rule and the main components required for your information security program.
Have you ever deployed 10-30 containers in AWS with the single stroke of a key? Keep reading to find out how we did exactly this for a training class.
How to accomplish string obfuscation in Rust the easy way using the litcrypt crate.
Studying how to accept vulnerabilities and secure applications
On this (Not So) Quick Bites, we're talking about writer's block, and how to get over it. Here's five tips and tricks that I use to get to writing.
A quick technology tips and tricks article to explain how to allow multiple RDP sessions on a Windows machine. A general use case is provided and...
A rundown of the Secrets Hunter capability within Paramalyzer, used to quickly find instances of sensitive information leakage in web applications.
Using ansible to add security headers to an apache web server (idea), environment defined in a Vagrantfile
Application security is a big job, for sure. And it’s not just the job of the developers or the SOC. There is an incredible amount of surface to...
This post outlines the importance of building a content security policy (CSP) to secure web applications, and how to get started building one.
Secure Ideas' Quick Bites Ep 2 - HTTP security headers are important for webapp security. Here are some that will help lockdown your site a little...
Post on SetUID drop-privileges binaries with leaked file descriptors, allowing for PrivEsc. Covers how to exploit & a tool to streamline exploitation.