At CampJS, Melbourne, Australia: Join Kim in the exploration into an insightful set of steps he has learned, from an architectural perspective down to the zeros and ones. Also providing insights of how attackers of your systems think.
Saturn Architect Conference, Baltimore, MD, USA: Drawing from Kim's recent blog post "[Journey to Self Hosting](https://binarymist.wordpress.com/2014/11/29/journey-to-self-hosting/)" and many more resources for some high-level ideas about cloud solutions. Kim will discuss what's good and what's not good about "the Cloud".
At OWASP NZ Day: What are we doing with all the characters that get shoved into our applications? Have we considered every potential execution context?
At ANZTB: Hands-on insight into security testing. Kim will discuss some of the more common security vulnerabilities being found in today’s software implementations, and will demonstrate ways of testing them.
Redirects to legacy blog post.
Untrusted data (data entered by a user), should always be treated as though it contains attack code. This data should not be sent anywhere without taking the necessary steps to detect and neutralise the malicious code.
Redirects to legacy blog post.
I was working on a web based project recently where there was no security thought about when designing, developing it. The following outlines my experience with retrofitting security. It’s my hope that someone will find it useful for their own implementation.
Redirects to legacy blog post.
I’ve been working on a small project that shuts down machines attached by network and of course power feed to an APC Smart-UPS. The code that was shutting down the guests required authentication to be passed to the receiving services.