2012-09-20

libinjection and SQLi Obfuscation

First presented at OWASP NYC on September 20, 2012 in New York City.
2012-09-06

libinjection: New Techniques in Detecting SQLi Attacks

First presented at iSEC Partners Open Forum at Gilt Group on September 6, 2012 in New York.
2012-08-16

Continuous Deployment, The New #1 Security Feature

First presented at Security BSides Los Angeles on August 16, 2012 in Hermosa Beach.
2012-07-27

New Techniques in SQLi Obfuscation: SQL never before used in SQLi

Analysis of tens of thousands of real-world SQLi attacks shows that both WAFs and attackers have missed a number of the finer points of SQL. This presentation was first given at DEFCON 20 in Las Vegas, NV.
2012-07-25

libinjection: a C library for SQLi detection and generation through lexical analysis of real world attacks.

First presented on July 25, 2012 at Black Hat USA, Las Vegas.
2012-07-20

Time Tested PHP: Advanced Testing Techniques with libtimemachine

Using libtimemachine, one can shift the system time as seen by PHP. This allows for the advanced testing needed for budgeting, financial, and cryptographic applications.
2012-07-19

Better Random Numbers in PHP with /dev/urandom

Prevent and fix problems with PHP's random number generation by using /dev/urandom.
2012-07-10

Facebook Extends Fundamental Social Networking Privacy Patent

Facebook extends fundamental social networking patent; Nick Galbreath listed as inventor.
2012-06-12

Data-Driven Security: Managing Risk at Etsy

Using data in Splunk to measure, manage, and expose security problems, fraud, and other problems.
2012-06-04

SANS AppSec Blog on Continuous Deployment and Security

What continuous deployment is, how it works, and why it's good for security.