Blog

A security and tech blog that embraces vulnerability as a catalyst for growth, fostering a supportive community of learners. Dive in for insightful discussions, the latest must-read news, expert advice, and I promise to keep it entertaining along the way.

Collaborative Incident Response Best Practices: Don't Rely on Superheroes


It’s more important than ever for organizations to have an effective incident response team. However, many are relying on a few individuals with specialized knowledge who a...

Cloud Providers: Are They Too Big to Fail? The Biden Administration's Plan to Regulate Cloud Security


You ever look up and wonder how all that water stays up there without crashing down on us? It turns out the Internet is a series of tubes and they’re holding much more than just water. Cloud providers like Amazon, Microsoft, and Google store mas...

Vulnerable U - Finding Strength in Weakness


Exciting news - I’ve started a weekly newsletter (and maybe some other fun stuff to go with it) - You can find the link to subscribe in the sidebar. I’m cross-posting the welcome note from Vulnerable U here: Welcome to Vulnerable U, a newsletter...

iOS 9 TLS Requirements & nginx


This week with the release of iOS 9, Apple has introduced some new requirements for their TLS standards under the label App Transport Security (ATS). After going down this rabbit hole a bit for a few days to make sure we were playing nice with the...

Raising the CSRF Bar


For years, we at WhiteHat have been recommending Tokenization as the number one protection from Cross Site Request Forgery (CSRF). Just having a token is not enough, of course, as it must be cryptographically strong, significantly random, and prop...