Vertical Vulnerability Managment
Vulnerabilities are technology, security and risk vertical, as should be the management.
The Internet Facing Velocity Problem
It's probably faster to find a flaw in all IPv4 Assets with Open-source attack and exploit validation tools than it is for someone internal to hunt down the owners, maintainers and appropriate people for remedial actions - The Internet Facing Velocity Problem
DNS Stewardship
DNS Stewardship, the art of controlling internet facing projects from conception.
OWASP Top 10 - 2021
This post is as much as an internal sit-rep as it is one for others to witness, share and challenge, I'm trying to understand the Top10's value eleven years on, the current top10 (2021) is in draft and open for comment, I've put my comments here, as well as the opening to this conversation on github
A Method for identifying .onion associated IP addresses
This post is in theory, sound, however executing it would take real collaboration that probably doesn't exist and due to the benefits of tor to certain operations is going to be counterproductive,but, something to think about all the same
Imposter.
Thoughts on Imposter Syndrome, In summation; Imposter Syndrome is the consequence of poor support.
Publicker.
Cross-referencing acquired credentials against public known, known bad credentials in a bid to really hit home the cultural change required. or just fully breaking down a target.
Privacy Engineering ?
Grammarly taking more data than it should, a exploration and musings over the idea of privacy engineering in conjunction with application security assessments
Active Directory Network Agents and not-good deployments
That’s a Nice Palo-Alto Firewall Forescout Active Directory Integrated Network Appliance you have ther