Secure by Design

To content | To menu | To search

Thursday 6 December 2012

Strengthen the security approach of your team

When I'm doing security consulting to development teams one of the things we stress is that it's important to start taking the first steps towards improving your security posture. Moving your development team so that it's performing at the highest levels of maturity can take a lot of work (although I still recommend it), but the first step is ... well ... to take the first step.

Continue reading...

Wednesday 7 March 2012

JavaScript Hijacking

Some of the work I do involves talking to web application developers about vulnerabilities in their applications. I've found that there is a class of vulnerability that is still catching teams by surprise - JavaScript Hijacking (that is, JavaScript based cross domain request forgeries. Your assessment tool may categories these attacks using either of these terms)

Continue reading...

What is "Secure Architecture"

My previous post threw the term "architecture" about, but what is architecture? And what is "secure architecture"?

Continue reading...

Tuesday 6 March 2012


This is my new blog - dedicated to architecture and security.

Continue reading...