Holistic Info-Sec for Web Developers

A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises. First book is complete, second book is content complete and currently in technical review.

Workshop - Tools, Password Profiling, Brute Forcing

Kim will take ISIG through the [collection of tools]( added and configured on his penetration testing machine used throughout his book series ([Holistic Info-Sec for Web Developers]( Kim will then profile a well known celebrities password, creating a short-list, then (on-line) brute force their login. Come along, it’ll be fun.

Talk - Password Profiling, Brute Forcing

Kim talks with his fellow Toastmasters about profiling peoples passwords and then brute forcing web applications with the shortlist of guessed passwords..

Risks and Countermeasures to the Management of Application Secrets

Redirects to legacy blog post.

Establishing your SSH Server’s Key Fingerprint

Redirects to legacy blog post. When you connect to a remote host via SSH that you haven’t established a trust relationship with before, you’re going to be told that the authenticity of the host your attempting to connect to can’t be established.