TLS Handshake
Let's have a look at some of the basics of a TLS handshake. TLS has various options and extensions (e.g, the requirement for the Client »
Threat, Vulnerability and Risk
Let's take a look at each of these from a security perspective, and try to clear up any confusion. In my experience I see a lot »
Two Factor Authentication (Step) - A False Narrative
Lets have a quick chat about Two Factor Authentication (2FA) or do I mean Two Step Authentication (2SA). If you want true 2FA, the solution should »
CSRF - Cross Site Request Forgery
Let's have a quick chat about CSRF. OWASP 2013 had CSRF listed listed as number 8, while 2010 had this listed as number 5. Now, 2017 »
Privacy By Design Challenges
Cross functional & Management Involvement Unless management have an enterprise wide understanding of the needs for privacy by design it’s difficult to promote its widespread »