Scott Helme (Page 31)

Weekend project: Server Upgrade

I run my own server at home to handle various tasks and whilst it was an awesome bargain when I got it, I wanted to give it a little bump...

Free Post

Let's Encrypt

Let's Encrypt are enabling the bad guys, and why they should

I don't think anyone can disagree with the tremendous amount of progress that has been made in deploying web encryption over the last year or so and Let&...

Free Post

monitoring

Launching my new server monitoring dashboard: Horizon

I'm a sucker for pretty graphs. I love dashboards. That feeling of knowing just how everything is going at any given time is quite soothing. I recently replaced...

Free Post

azure

Azure Functions with the PHP Storage SDK

I recently made some changes to report-uri.io [https://report-uri.io] to introduce some sensible usage limits. As part of those limits I'd already introduced the...

Free Post

crawl

Alexa Top 1 Million Analysis - Feb 2017

It's time for the 4th instalment of my Alexa Top 1 Million scan and I've added a heap of new metrics to the crawler for analysis....

Free Post

Certificate Transparency

Certificate Transparency, an introduction

Certificate Transparency is an open framework for monitoring and auditing the certificates issued by Certificate Authorities in near real-time. By requiring a CA to log all certificates they generate,...

Free Post

CSRF

Cross-Site Request Forgery is dead!

After toiling with Cross-Site Request Forgery on the web for, well forever really, we finally have a proper solution. No technical burden on the site owner, no difficult implementation, it's trivially simple to deploy, it's Same-Site Cookies. As...

Free Post

securityheaders.io

A new security header: Referrer Policy

Regular readers will know how fond I am of the existing security headers so it's great to hear that we're getting another! Referrer Policy will allow...

Free Post

ocsp

OCSP Expect-Staple

OCSP Expect-Staple is a new reporting mechanism to allow site owners to monitor how reliable their OCSP Stapling implementation is. With live feedback coming direct from the browser, you...

Free Post

OCSP Stapling

OCSP Must-Staple

Revocation checking is broken and has been for some time. Whilst some vendors have sort of worked around this with proprietary solutions, there is little that the smaller sites can...

Scott Helme

Hi, I'm Scott Helme, a Security Researcher, Entrepreneur and International Speaker. I'm the creator of Report URI and Security Headers, and I deliver world renowned training on Hacking and Encryption.

Weekend project: Server Upgrade

Let's Encrypt are enabling the bad guys, and why they should

Launching my new server monitoring dashboard: Horizon

Azure Functions with the PHP Storage SDK

Alexa Top 1 Million Analysis - Feb 2017

Certificate Transparency, an introduction

Cross-Site Request Forgery is dead!

A new security header: Referrer Policy

OCSP Expect-Staple

OCSP Must-Staple

Upcoming Events

Cheat Sheets

Projects

Upcoming Events

Cheat Sheets

Projects

Follow