Free Post report-uri.io Working with Azure Table Storage - The Basics I recently launched https://report-uri.io, my new CSP and HPKP violation reporting service that is built on, amongst other things, Azure Table Storage. Using Table Storage required a little...
Free Post steelcon SteelCon 2015 Following a fantastic first year for SteelCon in 2014, I've just returned from an amazing weekend attending SteelCon 2015. With great speakers, networking, location, food and drink, there&...
Free Post chrome Chrome Address Spoofing PoC An address spoofing vulnerability has been disclosed in Google Chrome that not only allows a site to change the address you see in the address bar, but the certificate if...
Free Post CSP Combat ad-injectors with CSP and report-uri.io A lot of people dislike adverts on websites but I'm pretty sure that everyone hates adverts that are a result of malware, ad-injectors or malicious browser extensions. Ad-injectors...
Free Post report-uri.io Choosing and using Azure Table Storage for report-uri.io When building https://report-uri.io my biggest concern was how I was going to store and query the potentially huge amounts of data that the application could have to deal...
Free Post encryption InfoSecurity Badge Encryption This week I attended the InfoSecurity Europe conference in London and as with all big conferences, I was issued my own personal identity badge. After the conference was finished one...
Free Post CSP CSP and HPKP violation reporting with report-uri.io After writing about both CSP and HPKP, I covered the report-uri directive that allowed a browser to send reports back to the host if their security policy was breached. Whilst...
Free Post HSTS Hardening your HTTP response headers Following the recent announcement of my new service, https://securityheaders.io, I thought I'd cover some more of the security based HTTP response headers out there and look at how to harden your existing HTTP response headers. Introduction HTTP Response headers are...
Free Post OpenPGP Creating a PGP Contact Form After blogging about setting up PGP on Windows [https://scotthelme.co.uk/encrypted-email-is-easy/] and Android [https://scotthelme.co.uk/encrypted-email-android-phone/], it's apparent how few people really use it. In an effort to take another step towards making PGP easier to use, I...
Free Post HSTS Introducing SecurityHeaders.io After looking around for a quick and easy way to analyse the HTTP response headers of websites, I regularly found myself looking in Chrome Dev Tools. This isn't...
