Tag: Information Security

Tune your Toolbox – Building a high-value AppSec scanning programme.

I am delivering training courses on how to build effective processes around application security scanning tools as part of my work for Bounce Security. The course’s official name is “Building a High-Value AppSec Scanning Programme” and it’s unofficial, more fun but less descriptive name is “Tune your Toolbox for Velocity and Value”. This post will serve as a way of getting more information about the course.

Getting multiple GitHub accounts on one Linux/WSL machine

Introduction I recently had to set up a new laptop and one of the things I wanted was the ability to have both my work and personal GitHub accounts set up on one Linux environment, (more specifically WSL). I also wanted to ensure that at least my personal commits were signed using a GPG key … Continue reading Getting multiple GitHub accounts on one Linux/WSL machine →

AppSecEU 2018 – UNOFFICIAL Frequently asked questions

Some *completely unofficial* answers to questions about OWASP and the AppSecEU 2018 debacle based purely on publicly available information.

Daily Pen Test reports — Pros and Cons

My thoughts on how daily reporting can both enhance and damage the security testing process.