Posts

SteelCon 2024: It was acceptable in the 80s

Posts

Recall: the Amazonification of Office Work

Posts

XZ Backdoor: Not the End of Open Source

Posts

Cyber Measures Up in Manchester

Posts

AppSec loves Agile

Posts

BSides Newcastle 2023: Chaos for the future

Posts

44CON 2023: It takes a Village

Posts

BSides Leeds 2023: Get the basics right

Posts

DevOps Enterprise Summit - airport culture

Posts

DevOps Enterprise Summit - simple paper cranes

Posts

The Case Against Automatic Dependency Updates

Posts

Harvesting Logs for Fun and Profit

Posts

Why AppSec fails

Posts

Precision Munitions for Denial of Service

Posts

Curating Dependency Vulnerabilities

Posts

On the weaponisation of open source

Posts

Pwnkit: How to exploit and check

Posts

Exponential exploit: Why AppSec is hard

Posts

Coerced to make Xerces think

Posts

How I learned to stop worrying and love a vulnerability

Posts

Hiding XXE in Spreadsheets

Posts

Laughing out loud - Malicious Reauthentication