Free Post report-uri.io Optimising for performance with Azure Table Storage I recently announced another huge update for https://report-uri.io and I covered all of the new features in a separate blog [https://scotthelme.co.uk/better-performance-and-custom-subdomains-on-report-uri-io/] . Alongside that I&...
Free Post HTTPS Still think you don't need HTTPS? Very often people tell me "we don't need HTTPS" and most of the time the justification is based on 1 of 2 arguments. It's...
Free Post report-uri.io The next major update for report-uri.io! I've just pushed the next major update to https://report-uri.io and there are some great new features that I'm really excited to be launching! The...
Free Post CSRF Let your framework do the heavy lifting I recently found myself in a conversation about the difficulties of building and implementing effective CSRF protection. Not only was I struggling to get across the technical details of a...
Free Post nginx Monitoring Server and Application Health with New Relic As the number of servers you manage increases, keeping an eye on them all can become a bit of a task in itself. I've used Munin [http://munin-monitoring....
Free Post nissan leaf The vulnerable web API for my Nissan Leaf I've driven a purely Electric Vehicle (EV) for over 2 years now and had intended to write about the experience at some point on my blog. Writing about the discovery of an insecure API that allows an attacker to remotely control features...
Free Post securityheaders.io The SecurityHeaders.io Chrome and Firefox Extension In a little over 2 months my HTTP header analysing service, securityheaders.io [https://securityheaders.io], has seen over 300,000 scans performed! In order to make the service easier...
Free Post CSP Security headers in the Alexa Top 1 Million I did a scan of the Alexa Top 1 Million back in August 2015 and published the results for everyone to see. Having just completed another scan of the current...
Free Post securityheaders.io securityheaders.io update I've just pushed a few changes to securityheaders.io [https://securityheaders.io] that should make the service a little easier to use! Syntax validation of header values The...
Free Post Let's Encrypt Let's Encrypt Smart Renew In a previous blog I wrote about how to get started with Let's Encrypt certificates and auto-renewing them. Free certificates are awesome and auto-renewal is even better, but...