2023
- 16 Oct Getting Humbled with Bug Bounty Hunting
- 21 Aug 10x Your AppSec Program with this One Simple Trick
- 04 Aug Hacking the OSCP: If at first you don’t succeed…
- 04 Jun Hacking the OSCP: Web Apps
- 22 Apr Remembering Dalinar
- 02 Apr Taking Breaks
- 27 Feb You can’t do "DevSecOps" without doing "DevOps"
- 11 Feb Hacking the OSCP: Recon
- 25 Jan Life after the AI-pocalypse
- 09 Jan Advice for breaking into InfoSec
2022
- 31 Dec Predictions for 2023
- 28 Dec Hacking the OSCP
- 08 Dec Scanning in the IDE: A Bad IDE(A) for Developers
- 02 Dec Great Reads of 2022
- 14 Nov Security Maturity: Geriatric Technologies
- 14 Oct With Technology, there’s no such thing as “Magic"’
- 28 Sep Security Maturity: Geriatric Teams
- 16 Sep Security Maturity: Mature Technologies
- 09 Sep Security Maturity: Mature Teams
- 31 Aug Security Maturity: Adolescent Technologies
- 10 Aug Surviving the Pan-decade: Seclusion
- 04 Aug Security Maturity: Adolescent Teams
- 26 Jul Security Maturity: Immature Technologies
- 22 Jul Security Maturity: Immature Teams
- 20 Jul Security Maturity: Teams & Their Technologies
- 15 Jul Surviving the Pan-decade: 🤬
- 07 Jul DevSecOps Essentials: Talent
- 30 Jun DevSecOps Essentials: Manual Testing
- 28 Jun DevSecOps Essentials: Dynamic Testing
- 22 Jun DevSecOps Essentials: Mitigations
- 15 Jun DevSecOps Essentials: Code Security
- 06 Jun DevSecOps Essentials: Software Asset Management
- 02 Jun DevSecOps Essentials: An Overview
- 17 May A Return to Darkness
- 04 May Security is a Feature
- 27 Apr Static Analysis: Local vs. Remote Sources
- 20 Apr Comprehensive Static Analysis: Accuracy, Speed, or Completeness
- 18 Apr Binary Static Analysis: Accuracy, Speed, or Completeness
- 12 Apr Static Code Analysis: Accuracy, Speed, or Completeness
- 08 Apr The 3 types of Static Analysis
- 04 Apr Inspirations in Security