Home
securing.dev
Cancel

10x Your AppSec Program with this One Simple Trick

How’s that for a clickbait headline? 😜 But in all seriousness, there is one thing that I regularly see the best Application Security teams do - and which so many AppSec professionals seem to avoid ...

Hacking the OSCP: If at first you don’t succeed…

Well, it happened - In late June I sat for my first attempt at the Offensive Security Certified Professional (OSCP) exam and failed. Failing the first attempt with the OSCP is pretty common - and I...

Hacking the OSCP: Web Apps

Having recently completed the required exercises for locking-in bonus points on the exam, I thought I’d share some of the lessons I’ve learned through reacquainting myself with the repeatable proce...

Remembering Dalinar

Yesterday my wife and I had to say goodbye to our handsome five year old cat named Dalinar 😢 We learned last week that he had an advanced stage of intestinal cancer in two locations, and best case ...

Taking Breaks

One of the great joys of working with technology - especially in the Information Security industry - is that the space is constantly evolving. This offers perpetual opportunity for individuals to r...

You can’t do "DevSecOps" without doing "DevOps"

The knowledge shared in this post is derived from my experience building the DevSecOps program at Thermo Fisher Scientific - a global Fortune 100 laboratory sciences company with over 130,000 emp...

Hacking the OSCP: Recon

As I start moving my notes from Notion to Obsidian in order to reduce the chance of losing access to them on exam day, I thought I’d share the initial recon process I’ve been using to work through ...

Life after the AI-pocalypse

Full Disclosure up-front: I am employed as a Principal Security Specialist at GitHub at the time of publishing this post. I disclose this because GitHub recently released Copilot - an artificially ...

Advice for breaking into InfoSec

In studying for the OSCP, I have had the great pleasure to virtually meet and build relationships with a number of individuals pursuing a career in Information Security. Until now I’ve been offer...

Predictions for 2023

As 2022 draws to a close, I thought it might be interesting to publicly share a few of my predictions for the coming year across various topics of interest and current world events. I’ve categori...