Clerkendweller : Web Security, Usability and Design

OWASP EU Tour 2013 in London on June 3rd

Tue, 21 May 2013 19:59:00 +0100

As part of the OWASP EU Tour 2013, there will be a special event in London next month, along the lines of the recent ones in Cambridge and Leicester. The one day conference is being held in central London on Monday 3rd of June 2013 at the Lion...

Clerkendweller

Cornucopia Ecommerce Website Edition v1.00

Sat, 18 May 2013 19:30:00 +0100

Cornucopia Ecommerce Website Edition v1.00 was uploaded to the OWASP website in February and has now been upgraded to a full OWASP project. Today, I have completed the new OWASP Cornucopia Project pages which include: Description and obj...

Clerkendweller

Internet and Mobile Literacy, Usage & Opinions

Fri, 17 May 2013 08:34:00 +0100

OFCOM, the UK communications sector's regulator and competition authority, has announced a report on adults' use of media and attitudes. More than half of internet users say they use the same passwords for most websites The Adults' Media Use an...

Clerkendweller

IP Address Sharing and Individual Identification

Fri, 10 May 2013 09:48:00 +0100

BT has announced a trial of its Carrier-Grade Network Address Translation (CGNAT) where Internet Protocol (IP) addresses will be shared between subscribers. organisations [will] generally have to treat IP addresses as personal data Concerns hav...

Clerkendweller

Consultation on Cyber Security Standard

Tue, 07 May 2013 19:39:00 +0100

The UK Cabinet Office has announced a consultation into the proposed cyber risk management standard for organisations as part of its cyber security strategy announced in November 2011. The proposed guidance and accompanying call for views and ...

Consultation on Cyber Security Standard

Clerkendweller

OWASP European Tour Kick-Off in Cambridge

Sat, 04 May 2013 07:36:00 +0100

Following the success of similar events in Latin America, a rolling tour of events with OWASP speakers will be occurring in European Countries, beginning with Cambridge this month. This first event of the tour has been organised in conjunction...

Clerkendweller

2013 Information Security Breaches

Tue, 30 Apr 2013 20:53:00 +0100

Last week the UK's Department for Business Innovation & Skills published the 2013 Information Security Breaches Survey, created in conjunction with PwC. The report presents the results of the survey and breaks the findings down for larger ...

2013 Information Security Breaches

Clerkendweller

Reflections on Security B-Sides London 2013

Sun, 28 Apr 2013 23:39:00 +0100

I have just had time to catch up on my attendance and participation at Security B-Sides London 2013. This community-led event was held at the town hall of the Royal Borough of Kensington and Chelsea on Wednesday 24th April, and was supported b...

Clerkendweller

Data Disclosure Incidents in 2013

Tue, 23 Apr 2013 06:46:00 +0100

The Verizon 2013 Data Breach Investigations Report has been published drawing on data from 19 organisations including the European CyberCrime Center. Payment cards have been a lock as the most oft-stolen data type since this study began, and 201...

Data Disclosure Incidents in 2013

Clerkendweller

AppSensor at Security B-Sides London

Fri, 19 Apr 2013 08:41:00 +0100

Next week Dinis Cruz and I will be running an AppSensor workshop at Security B-Sides London 2013. We will be demonstrating and helping attendees of the workshop specify, define and implement application-specific attack detection and real-time ...

AppSensor at Security B-Sides London

Clerkendweller

Retail Payments Now and Soon

Tue, 16 Apr 2013 07:24:00 +0100

Light Blue Touchpaper is one of my regular places to read robustly researched and argued views around information security and privacy. This week, the second part of a series on current issues in payments was published: Current Issues ...

Retail Payments Now and Soon

Clerkendweller

State of Software Security Report Volume 5

Fri, 12 Apr 2013 13:55:00 +0100

The fifth semi-annual "State of Software Security Report - The Intractable Problem of Insecure Software" has been issued by Veracode (see my previous comments on volumes 1, 2, 3 and 4). In Volume 5, there is extended analysis of the vulnerabil...

Clerkendweller

Upcoming OWASP Conferences

Tue, 09 Apr 2013 08:23:00 +0100

Three regional OWASP application security conferences are planned for later this year. OWASP runs the most comprehensive application security conferences with a very high standard of training courses, speakers and delegates to network with. Th...

Upcoming OWASP Conferences

Clerkendweller

Fair Data?

Fri, 05 Apr 2013 18:32:00 +0100

At the end of January, the Market Research Society (MRS) launched an initiative called Fair Data. Existing MRS Company Partners (who are already subject to the MRS Code of Conduct), and others who apply and pass an assessment by the MRS of the...

Fair Data?

Clerkendweller

WAF Testing

Tue, 02 Apr 2013 12:26:00 +0100

Selecting and deploying a web application firewall (WAF) needs to be undertaken using robust due diligence procurement/acquisition processes. Try before you buy A recent report (discussion) compares three different WAFs — two cloud-based ...

WAF Testing

Clerkendweller