Free Post HPKP Demonstrating HPKP validation failures I have a couple of subdomains on scotthelme.co.uk to show how good a TLS config can be and how bad a TLS config can be and still not...
Free Post report-uri.io Build a cloud scale PHP session store with Azure Table Storage Whilst building https://report-uri.io I knew that I was going to need some form of load balancing to be able to accommodate the kind of load I wanted to...
Free Post CSP Major update for report-uri.io Over the weekend I finalised a major update for https://report-uri.io, my new CSP and HPKP violation reporting service. Designed to make setting up and using your CSP even...
Free Post report-uri.io Working with Azure Table Storage - The Basics I recently launched https://report-uri.io, my new CSP and HPKP violation reporting service that is built on, amongst other things, Azure Table Storage. Using Table Storage required a little...
Free Post steelcon SteelCon 2015 Following a fantastic first year for SteelCon in 2014, I've just returned from an amazing weekend attending SteelCon 2015. With great speakers, networking, location, food and drink, there&...
Free Post chrome Chrome Address Spoofing PoC An address spoofing vulnerability has been disclosed in Google Chrome that not only allows a site to change the address you see in the address bar, but the certificate if...
Free Post CSP Combat ad-injectors with CSP and report-uri.io A lot of people dislike adverts on websites but I'm pretty sure that everyone hates adverts that are a result of malware, ad-injectors or malicious browser extensions. Ad-injectors...
Free Post report-uri.io Choosing and using Azure Table Storage for report-uri.io When building https://report-uri.io my biggest concern was how I was going to store and query the potentially huge amounts of data that the application could have to deal...
Free Post encryption InfoSecurity Badge Encryption This week I attended the InfoSecurity Europe conference in London and as with all big conferences, I was issued my own personal identity badge. After the conference was finished one...
Free Post CSP CSP and HPKP violation reporting with report-uri.io After writing about both CSP and HPKP, I covered the report-uri directive that allowed a browser to send reports back to the host if their security policy was breached. Whilst...
