Dev Team(s) Struggling with Security?


Let us help you reduce defects early in the software development life-cycle, and thus significantly reduce costs downstream.

Services

What Differentiates Us

We walk the talk, and the customers we partner with back us up. We can offer fixed-price projects. We provide 24/7 access to our consultant. We are used to working in multiple time zones. If you are looking to reduce the number of security defects produced by your development team(s), and increase their productivity, BinaryMist can work with you to achieve this.

Development Team Security Roadmap $2995NZ + GST

Too many security defects in your development team(s) deliverables?
External security reviews too costly?

Let us create a security roadmap for your development team(s).

Security Strategy Retainer $3495NZ + GST

Our agreement entitles you to unlimited 1 on 1 access to Kim via phone, SMS, email, Slack, Skype, Signal, etc. Participation is limited to 10 people. Fee is for four months.

Building Security into Your Development Teams (workshop) $500 + GST per student

Full Day Interactive Workshop focussing on building security into your development team(s).

Christchurch Hacker Con

The second CHCon:

A conference aiming to raise awareness and skill levels of information security within our community.

Numisec Pte.

Security Review - Node.js Microservices

Stefan Streichsbier

Numisec Pte. Ltd

Mobiddiction

DevOps Implementation & Security Review

OWASP New Zealand Day

The ninth conference of its kind. Dedicated to information security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.

Peter Montgomery

InventoryTech Ltd

MYOB

DevSecOps & AWS Migration

Lana Winders

SBS Bank

Development Team Security Implementation

Your development team(s) are struggling to create secure software. Your business is paying too much for security reviews, and penetration testing at the end of the project.

Your customers want to be certain that their personal data is secure. You could be saving significant expenditure on security and software development in general.

Security Review, Penetration Testing

You need to be sure that what your development team(s) are creating is going to withstand the onslaught of those tasked with breaking your deliverables and stealing your customers' data.

Your customers want to be certain that their personal data is secure. You need your product to stand up to those who are going to attack it.

InventoryTech

Transitioning, architecture & development

Lentune

Architectural & Security Consulting

David Gadsby

Platinum Recruitment Ltd

SBS Bank

Personal Internet Banking

Andrew Balfour

Solvam Corporation Ltd

School-Links

Process Improvement. Back End Re-Architect

Hindin Solutions

Architectural Consulting & Development

Pivot Software

Architectural Consulting

King's Church

Security Assessment

Christchurch City Council

Integration Development

Engela Pretorius

Christchurch City Council

Ming Yii

Christchurch City Council

Joe Kearns

Double-O Consultants

James Pinamonti

IAG, New Zealand

Kim’s Books

Kim is an avid writer on technical topics; be sure to review his releases.
Self Hosted, LeanPub, and Amazon, 2018.

Recent Posts

The legacy BinaryMist blog is at blog.binarymist.net, with 104 posts over 8 years. I’ve included redirects to the most popular legacy posts.

This site is fully static, running on Hugo and hosted on GitHub Pages. The source code is publicly available; if you see something that’s incorrect, please submit a pull request.

In this post we discuss the move from the legacy BinaryMist blog on WordPress.com, along with the BinaryMist website, to a single static site on the Hugo platform hosted on GitHub Pages.

The shared responsibility model is one that many have not grasped or understood well. Let’s look at the responsibilities of the parties.

A lack of captchas is a risk, but so are captchas themselves…

Not being able to introspect your application at any given time, or to know its health status, is not a comfortable place to be in, and there is no reason you should be there.

Redirects to legacy blog post.

This is where A9 (Using Components with Known Vulnerabilities) of the 2013 OWASP Top 10 comes in. We are consuming far more free and open source libraries than we ever have before. Much of the code we are pulling into our projects is never intentionally used, but is still adding surface area for attack. In this post we address the risks and countermeasures.

Talks & Workshops

Kim delivers high quality information security talks and workshops at conferences and private events around the world.

Most of Kim's talks and workshops focus on demonstrating and demystifying how easy it is to break into software and networks, followed by how you can rectify the demonstrated vulnerabilities and make this part of your development team's process, rather than finding and fixing the defects once in production. This has the benefit of saving the significant expenditure that comes from finding and fixing defects late in the development life-cycle.

Presentation style

A huge amount of effort goes into Kim's talks and workshops, and he continues to refine his approach over time based on the feedback he receives. Kim's talks and workshops usually contain a large amount of technical information coupled with an entertainment factor to help keep listeners and trainees engaged.

Speaking at your event

If you’d like Kim to speak at your event, get in touch via the contact section.

Running a workshop for you

If you’d like Kim to run a workshop at your event or private offices, get in touch via the contact section.

Recent and upcoming public Presentations and Workshops

Contact