Why Logs aren’t Enough for Security
Logs. We love them. We hate them. We can’t collect enough of them. We collect too many. We save them...
Category: Web Application Security
Listening To Web Attacks
Note: this tool has been updated from the details below. Read the updated 2018 information on sigsci...
Getting Started With HoneyPy — Part 3
In my last post, Getting Started With HoneyPy — Part 2, I covered honeypot services and HoneyPy’s se...
Getting Started With HoneyPy — Part 2
source In my last post, Getting Started With HoneyPy — Part 1, I covered getting HoneyPy up and runn...
Modern Security Series: Dangers of DevOps Monotheism
Don’t miss this event, register here > https://www.signalsciences.com/resources/dangers-of-devops-mo...
Getting Started With HoneyPy — Part 1
In my last post, Introduction to HoneyPy & HoneyDB, I covered the basics of honeypots and provided a...
Introduction to HoneyPy & HoneyDB
Last week, I discussed HoneyPy and HoneyDB at Blackhat and Defcon. This week I wanted to dive a bit ...
A Reference Model for DevOps
The world needs a reference for collecting common DevOps principles and practices that are currently...
The Next Frontier of DevOps: Security
the future! it probably wont look like this… source Security is the next frontier of DevOps. Its a ...
More Silo Smashing Ideas, bringing InfoSec and DevOps together
Silo Smashing! (source http://ports.co.za/admin/large/image-587.jpg) Last week I wrote an article on...
InfoSec Confession: We protect the wrong things and we slow everything down
One of the secrets of InfoSec is that while we are spending a lot of resources on security professio...
Why DevOps and Product Teams Hate Web Application Firewalls
Welcome to WAF Jeopardy — Where you have the answers and we ask the questions! Here’s some security ...