Rather than giving a security roundup or predicting future security trends for 2012, I thought it a good idea to look at some of the security bloggers over at http://www.infosecisland.com over the course of the year.
Category: Video
Input Validation
This week's episode has been hijacked by Girl Cynic. After a high-level discussion with her on what input validation is all about, she thought she could make a better episode on the topic. I gave her the example of blacklisting as sugar is blacklisted from being put into my bike's petrol tank. So she …
SANS London 2011
This year I was fortunate enough to be accepted on the SANS work-study scheme which means I’ll be attending my course like everyone else whilst at the same time facilitating and helping run the event. I’m quite looking forward to it, as it will give me the opportunity to wear the infamous red apron that all …
Google NoMap
Google recently stated that adding _nomap to the end of your router's SSID will turn off location tracking services. This may be a stroke of genius, as there are many other applications for this concept.
Backtrack 5 Wireless Penetration Testing: Book Review
A book review of Backtrack 5 Wireless Penetration Testing by Vivek Ramachandran. A great guide for beginners and even those with some experience in wireless penetration testing. Crammed full of tutorials so you are effectively led by the hand step by step. The book adopts a progressive and simple-to-understand methodology whereby you are explained …
Best Practice and security Monkeys
This video was inspired by the old five monkeys in a cage experiment. Unfortunately, you can often observe security professionals and especially auditors exhibit such behaviour. They are ‘taught’ at one stage of their life that something is secure and the way to do it. Often referred to as ‘best practice’. The problem with …
Infosec Templates
I’m not entirely sure since when, but let’s just say for argument’s sake that since the industrial revolution began, people have been finding ways to automate repetitive processes in order to increase efficiencies, so why should we in Infosec be any different? Here are two of my favourite automated templates to address malware and data …
Infosec & Drugs
This week's video was a bit of a bodged job. I was away for the weekend and had no internet connection good enough to upload it on time. Plus I was woefully ill-equipped to film in windy conditions resulting in most of the video consisting of my lips moving to the sound of …
Avoiding Security Budget Cuts
In challenging times companies are cutting back on information security departments’ budgets. I have, however, come up with an ingenious plan by which security departments can still keep their funding without costing the company any money whatsoever. I’m pretty sure no-one has come up with this idea ever before. There’s always a risk when coming …
Clear Desk Policy
You may have the most secure computer network in the world with uncrackable encryption. But if your users are leaving sensitive information printed out on printers or on their desks, then all those technological controls are of no use.
