csrf

Holistic Info-Sec for Web Developers

A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises. First book is complete, second book is content complete and currently in technical review.

Workshop - Web Developer Quiz Night

Attacking a set of carefully curated questions around info-sec, white hat, black hat, attack and defense.

Workshop - Holistic Info-Sec for Computer Science Students

This time for the students of University of Canterbury. An exploration into an insightful set of steps he has learned, from an architectural, engineering and penetration testing perspective. Based on the content of volume 0 & 1 of Kim’s new book “Holistic Info-Sec for Web Developers”. This time held at the University of Canterbury.

Workshop - Holistic Info-Sec for Web Developers

Hackers On Planet Earth (HOPE) conference in New York City. An exploration into an insightful set of steps he has learned, from an architectural, engineering and penetration testing perspective. Based on the content of volume 0 & 1 of Kim’s new book “Holistic Info-Sec for Web Developers”.

Talk - What's Our Software Doing With All That User Input

At OWASP NZ Day: What are we doing with all the characters that get shoved into our applications? Have we considered every potential execution context?

Workshop - Security Testing with Kim Carter

At ANZTB: Hands-on insight into security testing. Kim will discuss some of the more common security vulnerabilities being found in today’s software implementations, and will demonstrate ways of testing them.

Software Engineer Interview Process and Questions

Redirects to legacy blog post. A short time ago, I was tasked with finding the right software engineer/s for the organisation I was working for. I settled on a process, a set of background questions, a set of practical programming exercises and a set of verbal questions. Later on I cut the set of verbal questions down to a quicker set. In this post, I’ll be going over the process and the full set of verbal questions. In a subsequent post I’ll go over the quicker set.