infosec

Talk - 0wn1ng The Web

At CHCH.js Christchurch, due to popular demand. Taking the perspective of the penetration tester hired in by the target to find the defects in their security defences before the cyber criminals do.

Talk - 0wn1ng The Web

At WDCNZ: Kim discusses and demonstrates how JavaScript can be used for good and evil.

Talk - Does Your Cloud Solution Look Like a Mushroom

At Dot Net User Group, Christchurch, due to popular demand this presentation is being run again. Drawing from Kim's recent blog post "[Journey to Self Hosting](https://binarymist.wordpress.com/2014/11/29/journey-to-self-hosting/)" and many more resources for some high-level ideas about cloud solutions. Kim will discuss what's good and what's not good about "the Cloud".

Talk - Does Your Cloud Solution Look Like a Mushroom

At OWASP meetup, Christchurch, due to popular demand this presentation is being run again. Drawing from Kim's recent blog post "[Journey to Self Hosting](https://binarymist.wordpress.com/2014/11/29/journey-to-self-hosting/)" and many more resources for some high-level ideas about cloud solutions. Kim will discuss what's good and what's not good about "the Cloud".

Talk - Passwords 101

In this 5 – 7 minute talk, Kim demonstrates (hands on) how easy it can be to compromise passwords using a collection of techniques. Kim discusses how most developers are failing at keeping their end users safe.

Evaluation of Host Intrusion Detection Systems (HIDS)

Redirects to legacy blog post. The best time to install a HIDS is on a fresh install before you open the host up to the internet or even your LAN if it’s corporate. Of course if you don’t have that luxury, there are a bunch of tools that can help you determine if you’re already owned. Be sure to run one or more over your target system before your HIDS bench-marks it.

Workshop - Holistic Info-Sec for Web Developers

At CampJS, Melbourne, Australia: Join Kim in the exploration into an insightful set of steps he has learned, from an architectural perspective down to the zeros and ones. Also providing insights of how attackers of your systems think.

Talk - Does Your Cloud Solution Look Like a Mushroom

Saturn Architect Conference, Baltimore, MD, USA: Drawing from Kim's recent blog post "[Journey to Self Hosting](https://binarymist.wordpress.com/2014/11/29/journey-to-self-hosting/)" and many more resources for some high-level ideas about cloud solutions. Kim will discuss what's good and what's not good about "the Cloud".

Web Server Log Management

Redirects to legacy blog post. As part of the ongoing work around preparing a Debian web server to host applications accessible from the WWW I performed some research, analysis, made decisions along the way and implemented a first stage logging strategy. I’ve done similar set-ups many times before, but thought it worth sharing my experience for all to learn something from it and/or provide input, recommendations, corrections to the process so we all get to improve.

Conference - OWASP New Zealand Day

The sixth OWASP New Zealand Day conference, held at the University of Auckland.