Much has changes and much has remained the same in the vulnerability assessment space....
Read More
POINT is a small company, just four employees, and I am the only tester. We do most of our wor...
Read More
Like many, I have parents. My mother and my father are still around and kicking, and we have a...
Read More
I finally got off my butt and decided what to do with this blog and the fifteen years of posts withi...
Read More
Test an application for vulnerabilities is just like testing an application for meeting the business...
Read More
Not too long ago, I was asked to do a technical interview for a set of tests. This isn't unhea...
Read More
Once a week or so, someone calls and asks for OWASP Top 10 testing. I have to make the call on...
Read More
Back in 2018, I wrote about Insecure Binary Deserialization, and I'd like to give an update. Origina...
Read More
The Enterprise Security API for Java went to 2.2.1.0
https://github.com/ESAPI/esapi-java-legacy/blob...
Read More
Austin Schertz won the CodeMash CTF this year, and he dropped off his answers to all 19 challenges.&...
Read More
This is a blog entirely dedicated to security analysis of mobine apps. No idea who writes it b...
Read More
Fascinating look into Internet routing that caused an outage last week. We are really building...
Read More